With work routines changing and far more people working remotely due to the COVID-19 pandemic, computer users need to be vigilant to protect our digital infrastructure, advises a Brock University professor.<\/p>\n
\u201cWe will be increasingly subject to a range of cybersecurity threats as our attention is placed on fighting COVID-19,\u201d says Aaron Mauro, Assistant Professor in Brock\u2019s Centre for Digital Humanities. \u201cWe\u2019re seeing tremendous sums of money being spent by governments, which will be a target for hackers interested in using ransomware attacks, for example.\u201d<\/p>\n
Ransomware attackers use phishing scams to access an organization\u2019s computer system and to install software that locks legitimate users out of the system by encrypting files. The attackers then demand financial payment to restore access.<\/p>\n
The U.K.\u2019s National Health Service was a notable victim of a ransomware attack in May 2017, locking staff out of 200,000 computers. The attack and its aftermath are estimated<\/a> to have cost the Health Service more than $120 million.<\/p>\n In more recent months, ransomware attacks have targeted municipalities in Johannesburg, Baltimore, Albany and Atlanta.<\/p>\n Mauro worries hospitals and other critical infrastructure may be targeted by cyber attacks during the peak pandemic crisis, when government and public health officials are already exhausted.<\/p>\n \u201cA targeted email sent to several high-level hospital or public health officials has the potential to grant high level access to computer systems and potentially cripple some portion of the digital infrastructure that supports our healthcare system,\u201d he says.<\/p>\n Mauro advises everyone to be extra cautious.<\/p>\n \u201cCheck the sender\u2019s email carefully,\u201d he says. \u201cThey may look legitimate and even differ by only a few characters. If you are sent a link or a suspicious file, avoid opening it if at all possible.\u201d<\/p>\n Users should never enter their login credentials in an unfamiliar site and should use second-factor authentication when available. If asked to login to a site, users should navigate to the site themselves, rather than follow a potentially suspicious link in an email.<\/p>\n \u201cWe all need to think like a cybersecurity professional to avoid compromising our sensitive digital infrastructure that we will depend upon in the coming months,\u201d says Mauro.<\/p>\n Brock ITS warned the Brock community Tuesday about a COVID-19 phishing scam currently circulating<\/a>. Staff and students are urged to exercise caution opening, answering or clicking on links outside of the brocku.ca domain related to the COVID-19 virus.<\/p>\n