It is no secret that life has changed significantly since the novel Coronavirus, or COVID-19, made its entrance onto the world stage. All the things we once took for granted: going to work; attending religious services; sporting events; school – all social events have been cancelled indefinitely. These changes to our daily interactions are due to risks to our health, of course, but they also impact our online lives. Because we are all doing what we need to do, whether it be shopping, learning, working or socializing on our computers in the form of meetings hosted by companies such as Zoom or GoToMeeting, we have become particularly vulnerable to hackers, spammers and fraudsters of all kinds.
These new vulnerabilities have several root causes. Firstly, anyone who can is now working from home. While this is great as far as protecting your health, most home computer networks have fewer security defenses than those in your office. It is also true that most homes do not come with a live-in IT person, unless you are lucky enough to have a teenager on site. Secondly, most scams run on fear to create stress or distraction. This in turn makes us more vulnerable to the types of virus-related scams that are proliferating like evil mushrooms in fear-rich soil. It is no wonder that malicious scams and fraud are able to succeed in our new online world.
It is no secret that phishing and scam websites are proliferating at a frightening pace since the pandemic first began, with thousands of new domains springing up even as we speak. Wikipedia defines phishing as “the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication.” Blinded by fear and with their usual defenses down, victims of phishing attacks can suffer severe and irreparable loss to their finances and their reputation. Crane Hassold, Senior Director of threat research at the email security firm Agari, says that his team is particularly wary of the threat phishing poses to people working remotely. “Home Wi-Fi often doesn’t have the same defenses – think firewalls and anomaly detection monitoring – of corporate environments. And it doesn’t help that some leading corporate VPNs have major vulnerabilities that companies don’t always take the time to patch.” All of these factors can lead to the perfect storm of fraud and loss for those already suffering under the strain of a global pandemic.
These new vulnerabilities can have widespread and damaging consequences. “This global crisis is an emergent vulnerability in the broadest sense possible,” says Lukasz Olejnik, an independent cybersecurity research and consultant who has been analyzing the digital security risks posed by the pandemic. “The current situation poses enough challenges. Any additional undesirable events would just make it more difficult. So one worst case consequence of a cyberattack could be slowing down crisis response, for example, in the health care sector.” That our already fragile and overburdened health care systems could be targeted just when they are least able to fight such an attack is truly terrifying.
Some of these potential malicious attacks are aimed at draining our bank accounts, stealing our identities or procuring sensitive financial information, with an aim towards financial gain. However, some of the new problems plaguing online interactions are done without any apparent financial motivation at all. For instance, consider the new phenomenon called “Zoom Bombing.” As we stated earlier, many teachers, workers and others who would otherwise be in the classroom or workplace are now forced to conduct their business using an online platform like the popular Zoom app. Zoom bombing is when uninvited strangers intrude on others’ meetings. They may choose to silently listen in or they may disrupt the meetings in stupid or even threatening ways by yelling obscenities or showing pornographic images. Some people have even been subjected to hate speech or racial slurs.
In our defense, the global pandemic was sudden and unforeseen and all of these new changes have come on us with little time to prepare. Rapid changes to our daily lives have also changed how we interact with our computers and internet technologies. Without time to work through these changes and bolster our defenses, we are at particular risk. The pandemic has done more than shine a spotlight on our existing weaknesses and vulnerabilities – it has created new ones. Because these new vulnerabilities pose high risk to our already fragile finances and even our stressed psyches, we need to work hard and struggle to catch up.