- Steve Grobman, Senior Vice President and Chief
Technology Officer, McAfee
Change is a constant in technology, and the
greatest changes are often driven by major events that fundamentally reshape
how people work and conduct business. In the Age of Coronavirus, more than
ever, technology and cybersecurity must keep pace with disruption and change,
adapt to adversity, and even accelerate their development wherever possible.
The enormous increase in remote work over the last
couple of months has placed new pressure on organizations to ensure that
employees working from home can access corporate resources from outside
corporate-controlled offices and infrastructure. Simultaneously, cybercriminals
are seeking to gain from the strain this places on technologies, business
procedures, and processes. A critical and effective vector for these
adversaries exploiting the health and economic concerns created by the
pandemic.
This week, McAfee Labs released a report entitled
“COVID-19: Malware Makes Hay During a Pandemic” to highlight the last few months of
pandemic-themed threat landscape activity. The threats typically leverage a phishing email
delivery method, with Coronavirus themes and messages developed to lure
employees and family members into engaging with and enabling threats to gain a foothold
on their systems.
Once established, that foothold can allow cyber
adversaries to download malware used to steal
corporate usernames and passwords, data, monitor
employee user activity, capture user keystrokes, track network traffic and
browser activity, and infiltrate networks and cloud services beyond the home.
They can impersonate their victim to send emails from the infected machines to
propagate themselves on numerous other systems. In the case of ransomware, they
could encrypt system files and refuse to decrypt them until the victim sends
them a ransom payment.