No, it is an opportunistic scam, and everyone has to present a united front to such animalistic immorality.

The biggest crooks to emerge from the ongoing Covid-2019 saga—apart from the scalpers and hoarders—are cyber attackers who follow the money.

In just three weeks since Singapore’s first Covid-2019 case, there have been reports of cybercriminals impersonating government officials to request financial information from individuals.

The local authorities have since advised financial institutions to remain vigilant on the cybersecurity front. Why, and more importantly, how? 

The Covid-2019 outbreak has caused much anxiety and uncertainty in the market. Individuals are increasingly looking to the authorities and familiar entities for information on how they can stay safe, but not all of it can be trusted. So, this has shed light on a growing problem in Singapore’s cyber landscape—cybercriminals are exploiting the trust, relationships, and brand that financial institutions have with consumers.

Financial institutions may have a more robust cybersecurity posture than organisations in many other industries in comparison, but this does not make them immune to cyberattacks. There is still considerable opportunity for financial institutions to improve cybersecurity postures and go on the offensive, such as through proactive cyberthreat hunting.

Threat hunting combines proven methodology, innovative technology and highly skilled cybersecurity expertise as well as in-depth threat intelligence to find and stop malicious cyber activities, including attacks that automated defences may sometimes miss.

According to a recent VMware Carbon Black study, 94% of organisations in Singapore have had positive results from their threat hunting efforts in reinforcing the strength of their defences. Threat hunting teams are necessary for organisations to enhance visibility and bolster response capabilities in the face of increasingly complex cybercrime techniques.

Individuals also have an important role to play in strengthening defences against cyberattacks.  Passwords should be thought of more as “pass-phrases”. They should be updated at least once every six months and be actively enforced on all devices: laptops, mobile phones, tablets, etc.

Every one of us should be wary of phishing emails and be on the lookout for suspicious emails coming from unfamiliar email addresses. Very often, although not always, tell-tale signs of phishing emails include inconsistent grammatical and spelling mistakes. Also, keep a look out for suspicious files or file names attached; only open them when you are sure they are from a reliable sender. Also, individuals must remember to update applications and software regularly, as soon as updates are available.

Finally, cybersecurity will always be a concerted effort. Organisations across the public and private sectors, as well as individuals, need to present a united front. We all face a common adversary in cyber attackers and these attackers are more than willing to work together to share vulnerabilities and sensitive information. We should be doing the same as defenders.