Malicious actors have taken advantage of the COVID-19 coronavirus pandemic to perpetrate cybercrimes. One the most high-profile trends in recent months has been the continued attempts by foreign state-sponsored hackers to infiltrate the networks of pharmaceutical companies, universities and government organizations conducting critical coronavirus vaccine research.


Unlike the virus itself, these crimes are in no way “novel” and are rather many of the same schemes cybersecurity professionals commonly face. The most prevalent type of cybercrime both prior to and during the pandemic have been phishing scams that spoof emails and websites that target sensitive and confidential information.  COVID-19 has augmented some of the content that criminals use for this scam; for example, sending email messages related to COVID-19 and creating domains that use the virus’ name in the address.


Another reason that cybercrime has spiked during the pandemic is the general lapse in security caused by the vast migration of workers to off-site work. Many organizations, even those with on-site network security procedures, were unprepared to deal with the consequences of the bulk of their employees working from home. Compromised VPNs, increased mobile use for data transmission, and IoT vulnerabilities led to unsecured networks that bad actors could exploit.


What Can I Do to Protect My Employees and Business Now?

The reality for both the United States and many parts of the world is that COVID-19 and remote working arrangements look to remain in place for the rest of 2020, and perhaps beyond. Ensuring your organization has a security framework to protect your business, employees and customers is paramount.


Boulay’s Risk Advisory team can provide an integrated defense strategy through our IT Audits and Risk Assessments, as well as a cost-effective and streamlined SOC 2 Examination for service organizations. If you have any questions or concerns around your company’s information security, please contact our Risk Advisory professionals for guidance and solutions.