How hackers are using Covid-19 to launch new phishing attempts

The cyber security threat in Scotland, from the likes of phishing scams, has been heightened as a result of the Covid-19 pandemic, with fraudsters finding new ways to trick people, according to an industry expert.

Picture: Shutterstock

Richard Holmes, head of cyber security in the UK with CGI, a global IT services group, says that while there is not necessarily more cyber fraud happening during coronavirus, the 'bad guys' have found novel ways of attacking individuals and businesses.

He explains that about 85 per cent of cyber attacks are initiated through phishing. This might entail the criminal sending an email to tempt a user to click on embedded malware. Or it could be a link to a website that downloads malware to initiate ransomware.

“With phishing it's all about being new and finding the latest way to tempt people to click on something, says Holmes. “There has been a big swing to phishing-related attempts linked to Covid-19, such as fraudulent emails asking users to click to get the latest news on the virus from the government.”

“With banking, for example, people are generally familiar with the emails they get and can often spot phishing attempts. But when it's a new subject people don't know what to expect, so they are more likely to fall for it.”

He adds that such attempts at phishing are playing on people's fears. If an email is billed as urgent this can be a barrier to normal, rational processing.

“It's not that there are more bad guys, but they see an opportunity to switch their mode of attack while still being all about phishing,” says Holmes.

Holmes says Covid-19 has led to many organisations across the public and private sector, such as local authorities, schools and business of all sizes, having to rapidly implement changes to enable continuity.

In the UK, about half of CGI’s work is with government departments and local authorities, including Glasgow, Edinburgh and the Borders, while the rest is with private businesses across such sectors as energy, utilities and telecoms.

“Schools and organisations have had to rapidly make changes,” explains Holmes. “Schools have all their pupils trying to work from home through some system of online teaching. They have to ensure every student can access learning remotely.”

While many businesses would have some remote working in place, they might now face scaling problems with almost all their employees being based at home. Along with this shift, there has been the well-reported escalation of the use of such platforms as Zoom and Microsoft Teams which can bring challenges.

Holmes says: “Organisations normally have a good understanding of threats associated with cyber security in their normal business operations. With the pressure to adapt quickly to remote working, some organisations may not have had time to do proper cyber security assessments.”

He explains that companies have to be aware of who is logging in and at what times, be able to monitor for any suspicious activity and know what data is leaving the organisation. They also have to know what controls people have on home devices they are using for work.

“Remote working is going to be here for a long time. It's not like we are all going to be back in the office in a month's time,” explains Holmes. “Organisations need to be looking at cyber security in this new world and be aware of the risks.

“With platforms such as Zoom, people should be aware of where their personal data is going and read the small print.”

According to Holmes, cyber security is always high on an organisation’s agenda, not just during Covid-19. Each year CGI goes out to 1,500 UK organisations with a consistent set of interviews on their business and IT priorities. Holmes says that cyber is an enabler for the main things that organisations want to achieve, including excellent customer experience, digitisation, optimising operations and agility.

“Cyber is right up there when you look at IT priorities,” says Holmes. “You don't do cyber security for an end in its own right. You do it because you're driven by other reasons. Typically because you need resilience and reliability in your systems, and you want to protect the data of your employees, customers or citizens. And it can be an enabler for innovation.”

When it comes to finding people with the right skills to work in cyber security, Holmes believes that Scotland is well-placed.

CGI works with Skills Development Scotland on sessions with pupils on ethical hacking sessions.

Here youngsters get a taste for working in the cyber security industry by looking for security flaws in a test website and by speaking to CGI’s own cybersecurity experts who visit Scotland’s schools.

Holmes points to establishments such as Edinburgh Napier, Abertay and Robert Gordon Universities, which have a good reputation for cyber courses. He says: “Having local universities being able to upskill workforces for roles in cybersecurity is a fabulous place to start.”

He sees universities as one part of what he describes as Scotland’s well-functioning cyber security ecosystem. This ecosystem also includes such elements as the Scottish Business Resilience Centre, a model which is being replicated in other parts of the UK, the Tay Cities Deal and the willingness of small businesses and big companies, including CGI, to collaborate.

For more information on how CGI helps clients manage complex security risks visit www.cgi-group.co.uk/en-gb/cyber-security