PETALING JAYA, 21 April 2020 – Technology, especially access to the internet and social media, has been a saving grace for many during this containment phase in combatting the COVID-19. But this scenario has also provided an opportunity for malicious groups to exploit the current pandemic and launch cyberattacks.
“Right now, everyone is heavily reliant on their laptops or mobile phones to conduct their everyday needs such as online banking, shopping or donating to causes and charities. Criminals are not afraid to take advantage of that,” warned Tan Kim Chuan, Head of Forensic at KPMG in Malaysia.
“Those with ill intent are playing on the uncertainty of the situation coupled with isolation from social distancing to spread fake news and trick people into divulging their online banking details. Just one careless step could lead someone into becoming a victim of fraud and losing more in what is already a difficult situation,” he added.
An increase in COVID-19 themed phishing lures, high-risk fake domains and scams prove that cybercriminals are changing their modus operandi in order to manipulate fear and target individuals and businesses in a variety of ways.
According to Tan, cybercrimes and scams have been successful because of its simplicity and it doesn’t require complicated countermeasures to prevent cyber incidents. Some practical and logical preventive steps include:
During this time when negligence or carelessness could accidentally open doors to an unwanted cyber breach or financial loss, it isn’t only individuals who are at risk but also organizations that need to remain vigilant.
“With the abrupt transition to remote working as a result of the enforced Movement Control Order (MCO), companies are rolling out new remote working and cloud infrastructure at pace and forced to implement ad-hoc security models and approaches to secure that infrastructure. Yet on the other side, we also observe how organized crime have responded rapidly to the crisis by orchestrating large scale campaigns to defraud customers and businesses,” Tan explained.
Hence, as an immediate measure, companies should focus on embedding pragmatic remote working security controls to deal with COVID-19 themed threats. This includes implementing the following measures at minimum, in order to protect their business and remain resilient:
For more insights, visit the KPMG microsite Embedding Resilience: The Business Implications of Coronavirus.