One Year Later: How COVID-19-Related Hacking Attempts have Affected Industrial Cybersecurity Risks
One year has passed since the beginning of the COVID-19 pandemic, and its effects have been transformative for hundreds of companies in the industrial automation space.
The pandemic has hindered industrial firms ‘ efforts worldwide, from supply and labor shortages to shipping and sanitation issues. Cyberattacks on industrial facilities have also been a damaging constant throughout the past year, and many of them continue today.
A computer rendering of the COVID-19 virus. Image used courtesy of the Centers for Disease Control and Prevention (CDC)
These actions, conducted by various malicious actors, exploited the psychological weaknesses of individuals during the pandemic and the inherently inadequate security measures deriving from a wide and rapid transition to a remote workforce.
We have surmised all the primary attacks that occurred during 2020, the precautions taken by industrial companies to tackle them, and analyzed how this phenomenon seems to be growing further with the unrolling of vaccines around the world.
Exploiting the Pandemic for Personal Gain
The first recorded phishing attempts exploiting COVID-19 fears were reported almost exactly a year ago.
In March 2020, the pandemic was starting its impact on the global economy. Figures discovered by Trend Micro already showed an increase in phishing attempts, fake domains, and malware attacks targeting the industrial automation and manufacturing industry.
The trend intensified over the following months. In September, the Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released new guidelines for companies to prevent and respond to ransomware attacks.
A month later, aware of the increasing dangers posed by malicious actors, Honeywell launched a new version of its Secure Media Exchange software, designed to protect removable media and USB ports from cybersecurity attacks.
The SMX platform. Image used courtesy of Honeywell
Finally, 2020 ended with CISA discovering two vulnerabilities in GE Healthcare imaging and ultrasound products in December. GE Healthcare reportedly patched the vulnerabilities before any cyberattack was able to exploit them.
An Evolving Threat
The new year started with the roll-out of various COVID-19 vaccines; with it, a raise in vaccine-related fake domain registrations. According to Barracuda Networks' data, the average number of COVID-19 vaccine-related spear-phishing attacks increased 26 percent between October 2020 and January 2021.
A vaccine-related phishing graph throughout 2020. Image used courtesy of Barracuda Networks
To protect industrial firms from these and other security risks, AppDynamics (a subsidiary of global security firm Cisco) released a new framework in February to simplify vulnerability management.
As found by Volexity, Microsoft users were recently the latest victim of malicious actors exploiting the COVID-19 vaccine to execute phishing attempts. Numerous individuals using Outlook and other Microsoft email addresses reportedly received various suspicious emails over the past few weeks, many of which impersonated the CDC.
The emails tried to convince recipients to download and execute malicious attachments or provide their credentials via bogus websites designed to look authentic. For example, a malicious website recently discovered by Check Point researchers impersonated the CDC and asked users to insert their Microsoft credentials into a website designed to look like a real Microsoft login page.
Mitigating Cyber Threats
While malicious actors keep trying to exploit companies’ and people’s weaknesses, there are several practices and countermeasures you and your company can deploy to keep devices and company equipment safe.
Following CISA’s anti-phishing guidelines is always an advised countermeasure. However, companies and employees should also consider deploying software solutions specifically designed to protect against cyberattacks.
What are your thoughts about the increasing cybersecurity issue and industrial automation?