“Never let a serious crisis go to waste,” is a philosophy many hackers have exploited during the Covid-19 pandemic. 

In recognizing October as Cybersecurity Awareness Month, the Cybersecurity and Privacy Institute (CPI) at Waterloo is hosting a series of panel discussions with industry leaders exploring issues of cybercrimes and threats to Canadians’ privacy. 

In a recent discussion, panelist Chris Lynam, director of the Cybercrime Coordination Unit with the Royal Canadian Mounted Police (RCMP), shared that his department has received 5,000 COVID-related cyber scam reports in six months, generating more than six million in losses for Canadians. These higher-than-usual numbers are prompting departments like his to remind everyone to question all content and read beyond the headline.

“I don’t think you can ever have too much awareness prevention, education, training in cybersecurity as prevention is very important,” Lyman said. “If we can get businesses and individuals to increase their cyber awareness, that could go a long way.” 

Best practices for remote work

As more individuals are switching from their usual office networks to their personal laptops, opportunities to breach sensitive data have increased. Home networks and electronics are less secure than the usual office online spaces, leaving users — specifically cyber-security employees — more susceptible to cyber-attacks. Use of anomaly detection software (which can indicate critical incidents like technical glitches or breaches) and setting up virtual private networks (VPN) are important steps to protecting users’ and businesses’ data. 

“The attacks often require an action from the user to be successful. It becomes really important [for the hacker to] target the user, for example, by making the email look like it’s from a friend,” Urs Hengartner said, an associate professor in the Cheriton School of Computer Science. “Be vigilant, watch out for attacks on your computer or your data as these could be attacks on yourself.”

Hengartner added that connecting with cybersecurity professionals for assessments of office online spaces and remaining updated on upcoming cyber security features are beneficial to protect businesses’ and users’ data. 

Staying cyber-safe at home

On the personal front, rising anxieties related to COVID-19 also leaves users more vulnerable to cyber-attacks at home. Whether it’s learning more about the symptoms of coronavirus or accepting an email from someone without analyzing the contents of the information first, it’s important to seek information from trusted sources. 

“Scammers are taking advantages of anxieties people are feeling as well as those experiencing the isolation related to physical distancing,” Cassandra Cross said, professor at Queensland University of Technology. “No one wakes up in the morning thinking they’re going to a victim of cybercrimes. The vulnerabilities and potential for exposure leave them for risk. The anxieties have contributed to people behaving in ways they wouldn’t have normally outside of the COVID crisis.”

Interested audiences can learn more and register for the final two, free, online events in through CPI’s website.