Cyber_security_newsletter2

COVID-19 Cyber Threats: Malware via Torrents

By now a third of the global population is on lockdown due to the COVID-19 pandemic which caused a lot of people to be trapped in their homes for more than a month.

There’s many people who are unable to work from home and even those who are able to work from home have to keep their kids busy and then there’s evening and weekends where everyone is stuck in their homes. You can clean the house, mow the lawn and play dress up (or WWE smackdown for those with boys) for so long.  For many, the television turned out to be a saving grace.

South Africa experienced a 15% increase in Internet traffic accross SEACOM’s, the operator of one of South Africa’s major undersea fibre cables, network.1

Zoom

The increase in remote workers had a corresponding increase in the usage of  video conferencing tools.  According to SimilarWeb, an analytics firm, the rise in daily traffic to the Zoom video conferencing platform download page increased with 535%.

Lately, Zoom was referred to as being malware which is not true, but hackers are feeding that delusion by exploiting its popularity.2

Webroot, an IT security company, saw an increase above 2 000% of malicious files with zoom in the name, during the lockdown period. Cyjax, a security company, also indicated that an automated Zoom meeting discovery tool, zWarDial, provides threat actors with "the ability to find non-password protected Zoom meetings."

Zoom however announced it will be rolling out a new version, Zoom 5.0,  supporting advanced encryption to provide increased protection for its users. “The next iteration of the product, Zoom 5.0, is due to be launched within the next week and will form a “key milestone” in the firm’s 90-day plan to identify, address and enhance the security and privacy capabilities of the service, said CEO Eric Yuan.” 3   This will ensure increased protection and resistance against tampering of meeting data.

Cyber security lessons learned

  • Make use of a VPN to connect securely to the corporate network.
  • Use multi-factor authentication wherever possible.
  • Ensure all corporate devices – including mobiles, laptops and tablets are protected with adequate security software.
  • Segregate personal devices/life from corporate computers.
  • Ensure the latest available updates are installed regularly.
  • Only use corporate-approved teleconferencing software.
  • Practice basic cyber security rules.

Not sure whether your VPN is secure?

Contact LAWtrust regarding systems and services that can assist in making you more secure while working from home.


Notes
https://mybroadband.co.za/news/internet/344937-how-much-internet-traffic-in-south-africa-has-increased-due-to-the-coronavirus.html

Winder, D. (2020, April 12). Zoom Isn’t Malware But Hackers Are Feeding That Narrative, And How: Zoom-Related Threats Up 2,000%. https://www.forbes.com/sites/daveywinder/2020/04/12/zoom-isnt-malware-but-hackers-are-feeding-that-narrative-and-how-zoom-related-threats-up-2000/#1a9319681ae5

Scroxton, A. (2020, April 23). Zoom to roll out fresh cyber security updates. https://www.computerweekly.com/news/252482048/Zoom-to-roll-out-fresh-cyber-security-updates