Bahrain has seen an impressive 39 percent drop in the number of COVID-19-related cyber-attacks from 4,028 in the second quarter (Q2) of 2020 to 2,463 in Q3 2020, according to new research from Trend Micro, a leader in cloud security.
In Q3 2020, Bahrain’s Covid-19 related cyberattacks included: 2,415 email spam attacks, down 31 percent from 3,509 in Q2 2020; 48 malicious URL hits, down 91 percent from 518 in Q2 2020; and 0 malware detections, down from 1 in Q2 2020.
“Bahrain’s 39 percent decrease in Covid-19 related cyberattacks is an impressive signal that Bahrain’s IT decision-makers are taking pandemic-related attacks seriously,” said Assad Arabi, Managing Director – Gulf Cluster, Trend Micro. “We are seeing Bahrain’s organizations deploy the right cybersecurity solutions and processes to enable secure remote work and work from home environments.”
During Q3 2020, the 14 countries of the Mena region experienced a total of 125,219 Covid-19 related cyber-attacks, including 101,188 email spam attacks, 23,696 malicious URL hits, and 335 malware detections, according to Trend Micro’s Smart Protection Network.
Mena’s Covid-19 attacks were down by 54 percent, with a 29 percent decrease in email spam attacks, an 82 percent decrease in malicious URL hits, but a 4.5-fold increase in malware detections.
“While the Bahrain and the Middle East are beginning to emerge from the pandemic, organizations must continue to protect their employees and malicious URLs and files that are embedded with malware,” added Assad Arabi. “One of the biggest concerns is about phishing emails related to Covid-19 health and safety measures, or career updates, which could also expose sensitive corporate data to hackers.”
Worldwide, Covid-19 related threats in Q3 2020 tallied 4,859,121 threats, including 3,818,307 total email threats, 1,025,301 hits on malicious URLs, and 15,513 detected malware files. Worldwide, from Q2 to Q3 2020, there was a 46.9 percent decrease in email threats, but a 47.4 increase in malicious URL hits.
Cybercriminals shift social engineering tactics amid Covid-19
Trend Micro’s researchers have found that this spike in malicious activity coincided with a shift in social engineering tactics — instead of using Covid-19 information to trick users, criminals used coronavirus-related school updates and job listings. For example, many schools required more information about students’ health as part of their safety protocols for combating the virus.
Headers used in phishing emails have also changed. Instead of using Covid-19 as the subject, malicious actors are using titles related to job opportunities to trick users into opening spam mail.
Many people are out of work due to the economic downturn caused by the pandemic, and are eager to find job openings. Threat actors are aware of what users click on and use the most obvious bait to make their schemes more effective.
Companies and employees need to secure work from home setups
In remote work setups, organizations should set up two-factor authentication, preconfigure work from home arrangements, back up data, ensure that there are enough VPN licenses, and limit the use of VPNs. Employees should use a company computer, follow company security standards, use company-designated VPNs, split networks, prepare backup options, and be wary of online scams.
Home network security basics include securing the router, work with a proxy, strengthen passwords, and keep software up to date. For families, Internet safety fundamentals include securing other computers in use, protecting smartphones, saving bandwidth, and discussing the importance of online safety.