Many are calling COVID-19 the biggest cyber security threat to ever hit businesses.

Hackers are taking advantage of the huge increase in the number of devices now being used on a daily basis for work purposes. The transition to remote work came quickly with most businesses at a loss to train their employees security protocol for their home devices and networks.

In some cases, we are seeing employees devices that are deliberately left insecure. For example, removing admin permissions so employees can install software without approval.

More often, the problem is simply that employees are unaware how unprotected their personal devices and networks are. They may be working on their personal devices with no VPN with little idea how wide they are opening the door to attackers.

Understanding the risks of remote working and the types of attacks is the first step in educating employees on how to protect themselves. Here are some of the most common attacks we have seen since the lockdown began and how to avoid them:


Those ‘fishy’ looking emails that almost look like they’re from a real person but have a bunch of spelling errors? Those are phishing attacks. Phishing is the practice of impersonating a trusted source via email to somehow influence you to open yourself to attack. This might mean imputing your personal details or passwords or tricking you into clicking a link that downloads malware to your device.

We’ve seen a number of phishing attacks impersonating COVID-19 authorities in the last few months including the World Health Organisation.

Spear phishing is a more insidious and targeted type of phishing. Here attackers spend time researching their audience to create personal and relevant messages and they can be harder to detect. A classic device they use is to use the name of someone you know in the ‘From’ field (maybe your colleague or boss). However, the domain address will often be a generic one which can be a good detection sign. Spear phishers may also set up fake websites that impersonate real ones to dupe you into putting in your personal details.

With many hackers now at home in front of their computers even more than usual, phishing attacks have increased by 667% since February in the UK.

With many hackers now at home in front of their computers even more than usual, phishing attacks have increased by 667% since February in the UK.

How to avoid: Read carefully- many phishing attacks will contain incorrect grammar or have extreme calls to action. Hover over the link- before you click, check where a hyperlink will take you and make sure it’s a real one.

DDoS attack

A denial-of-service attack or distributed-denial-of-service attack (DDoS) operated by overwhelming systems, servers, or networks with traffic to exhaust resources and bandwidth. When it does this, the system can’t fill requests which results in exhausted bandwidth and stops the business from being able to fulfil legitimate work.

For big business and corporations, this is one of the dreaded top 3. It is both common and incredibly disruptive.

How to avoid: Preventative measures consist of basic cyber hygiene like strong passwords, enabled and up to date firewalls, and secure network connections. You should also look out for early warning signs of an attack and take action immediately. Some symptoms of an attack include network slowdown, inconsistent connectivity, and random web shutdowns.

Ransomware attack

Ransomware one of the fastest growing methods of cyber attack. Cyber Security Ventures reports that ransomeware attacks increased 97% from 2017 to 2019 and projects that by 2021, companies will fall victim to a ransom attack every 11 seconds.

Ransomware is just one kind of malware which is any kind of software that makes its way onto your computer without you knowing or choosing to add it (for example, a malicious software downloaded when you click a link in one of the phishing emails we talked about). It can often attach itself to legitimate software and replicate itself.

ransomeware attacks increased 97% from 2017 to 2019 and projects that by 2021, companies will fall victim to a ransom attack every 11 seconds.

Ransomware actually holds your data ransom (usually threatening to publish or delete it) until you pay up. Sometimes a computer wiz is able to recover the data without paying but often more advanced malware makes it pretty impossible to unlock without the decryption key.

How to avoid: there are many ways to avoid ransom attacks but because there are so many varieties of malware, it’s hard to protect against them all. Having robust anti-malware installed on all devices is a great start. It is a good idea to have a backup of all data and to make sure software is patched and up-to-date.

Man-in-the-middle Attack

Man-in-the-middle (MitM) attacks often happen on insecure networks like the kind of public Wi-Fi you find in coffee shops and train stations, but it can also happen in your home if your network is unsecured. In a MitM attack (also known as eavesdropping attack) an attacker inserts themselves into your transactions online. This is why you should never email or text your bank details- you never know who could be monitoring your communications and take advantage of the opportunity to steal valuable data.

As you can imagine, having thousands of employees currently working on unsecured home networks is a hacker’s dream come true.

How to avoid: Avoid connecting with public Wi-Fi routers directly. You can use a VPN to encrypt your internet connection on public hotspots to protect the private data you send and receive while using public Wi-Fi, like passwords or credit card information. Make sure your home network is secured.

Password attack

Passwords account for 80% of data breaches and are the weakest link in security infrastructure. They are also the most commonly used method to authenticate your identity online. We use them to access every bit of data making them incredibly valuable to an attacker. There are many ways for hackers to go about discovering user passwords. From accessing password databases, scanning ‘notes’ on your phones, ‘eavesdropping’ on emails, or just outright guessing either systematically or at random.

Because many people use the same password for multiple accounts, securing someone’s password can have far-reaching effects.

How to avoid: first, create strong, difficult-t0-guess passwords (see NCSC guidance on how to do this). Second, don’t use the same password for multiple accounts. Finally, use multi-factor authentication (MFA) when possible. MFA is a two-step sign in process requiring a text to your phone or email in addition to a password and can stop a hacker getting in.

Many of these attacks can be avoided by education employees on basic cyber hygiene and complying with the standards of the government’s Cyber Essentials scheme. Learn how you can get Cyber Essentials certified today.