The pandemic, being a major disruptor in the decade, has completely altered the way the corporate world operates, and one of the pressing issues which have arisen as a consequence of the situation is that of cyberattacks. The digital attack on the US government, namely ‘SolarWinds Hack’, is one of the latest incidents from the series of attacks that have taken place in this year itself.
The Current Scenario:
The precautionary orders of social distancing have had lead to the practice of work from home and employees have to resort to using their cyberinfrastructure . Organizations offer a sophisticated VPN to the employees but in the case of remote access people have found the protocols too restrictive and may try to subvert them and end up potentially exposing the information to third-parties.
The hastily adopted collaborative software may not measure to the security standards as the companies focus on maintaining the business continuity in the digital realm.
These acts have ironically affected the healthcare sector. Most of the government and healthcare organizations have seen a rapid increase in the Distributed Denial of Services (DDoS) attacks in the pandemic. The hackers flood the organizations’ websites or systems with fake or bot users to crash the normal functioning of the system and thus interrupt the communication channel.
Cybercriminals are launching ransomware attacks in hospitals, health centers, education, and public institutions .Since they can’t afford to be locked out of their systems because of the current situation, criminals are optimistic that these organizations can pay the ransom. The ransomware infects the system via email attachments, links, or through working employees whose credentials are already compromised by exploiting a vulnerability in their systems. Cybercriminals are now even offering ransomware-as-a-service on the dark web.
The sectors which prospered during the pandemic, now seem to be the main target behind these attacks. The customers of the retail and banking industries were heavily targeted during the festive season, as the criminals were able to lure the clients by creating fake e-commerce platforms.
Possible Solutions :
The steps can be taken on the organizational level as well as incorporated in the legal framework :
- “Pen” (Penetration) tests at an increased frequency
- Table-Top exercises which consist of assigning roles to personnel
- External Vulnerability scans to assess the stress response of the companies’ information system.
- Ongoing Phishing Training with the help of sentiment analysis
The Indian government has identified cybersecurity as one of the future threats to the economic growth of the country. It was found that India was one of the top three countries facing the threat to its digital infrastructure, with a record of 4 Lakh attacks in 2019 itself.
Taking cognizance of the fact that the future lies in the Internet of Things (IoT), the National Security Agency introduced the ‘National Security Directive on Telecom Sector’ and focuses on integrating the digital supply chain with a list of trusted products to ensure the integrity of the changing business dynamics.
The issue of cybersecurity in the wake of the pandemic, introduce to the corporate world a new paradigm of ethics and security and demands and disruptive innovation to accommodate the needs of the consumers.
Sources:
Times of India
Deloitte.com
Infosys .com
Greater Kashmir
Economic Times
Strategy Unboxed 
Leave a comment