There is no question that the 2020 Covid-19 pandemic has had a major impact on the behavior of individuals and businesses around the world. Between the middle of March and April 2, the number of Americans working from home rose from 39% to 57%, according to a poll taken by Gallup, and many other nations report similar numbers of remote workers. More people are shopping online for essential and nonessential products, having meals delivered, and streaming videos and music. Overall, Forbes reported on March 26 that total hits during the Covid-19 pandemic have risen by up to 70% in many countries, including Italy and China.
Unfortunately, as is always the case when there is widespread chaos, there are criminals who see the pandemic as an opportunity to make money from the fear and suffering of others. Although there have been many campaigns to encourage ISPs to do more in the battle against cybercrime, the pandemic has shown that ISPs still have a long way to go when it comes to cybersecurity.
How Can ISPs Help Make the Internet Safer in the Age of Covid-19?
With few exceptions, an ISP exists to earn a profit. Starting an ISP is an expensive proposition, and the investment never ends; equipment must be constantly updated to take full advantage of innovative technologies. However, many issues, including the problems with BGP, have never been addressed. Many ISPs are reluctant to invest in solutions that will not be truly effective without wider adoption by other ISPs, and some ISPs do not feel that they should be held responsible for providing subscribers with extensive cybersecurity tools. In light of the current pandemic, however, ISPs are finding it more difficult to ignore the demands of their customers for greater security. If every ISP decided to place greater emphasis on cybersecurity, much of the cybercrime could be reduced by following these recommendations.
- Get better at collaborating and sharing intelligence. Criminals seldom single out a particular ISP to attack. If one ISP detects criminal activity, it should share the information with its peers. Even the best threat database cannot warn about threats that have never been reported. Co-ops and other small ISPs are especially vulnerable to attacks that were originally aimed at a major service but filtered down the chain. In the current crisis, ISPs must realize that it is no longer acceptable to have an "everyone for themselves" attitude.
- Teach subscribers how to defend themselves. The end user has always been the weakest link, and the current situation makes this even more obvious. Millions of people who have never used Zoom, connected to a remote server, or shared documents online are now being forced to do so on a daily basis while working from home. There are also students taking online classes for the first time, seniors placing their first online orders for groceries, and people of all ages having their first telemedicine experience. Cybercriminals know where the vulnerabilities are and how to exploit them, but the average subscriber can still fall prey to phishing schemes, malware embedded in emails, or fake sites masquerading as government agencies, charities to help Covid-19 victims, or retailers who can provide them with products that are in short supply. ISPs need to make sure that subscribers have the information to recognize and avoid such schemes.
- ISPs cannot ignore the rapid expansion of smart devices comprising the "internet of things." In 2016, an attack involving approximately 100,000 smart devices wreaked havoc on many major businesses in the United States. A DDoS attack can always be a problem, but under normal conditions, distinguishing between bad botnets and legitimate traffic is not all that difficult. However, the Covid-19 pandemic has forced remote workers to rely on residential connections that are often oversubscribed and far from secure, but ISPs cannot afford to simply block connections if bad traffic is identified at a specific IP address. ISPs must deploy solutions that can quickly identify DDoS attacks, block them, and mitigate disruptions. Furthermore, subscribers should be educated about potential vulnerabilities in popular smart devices.
The Covid-19 pandemic has already tested the limits of virtually every business and every individual to adapt to a new normal. With the internet needed more today than ever before, ISPs must also adapt and react to the increasing demands being placed upon them. We are all in this together, so contact Abusix if you need help to deal with your cybersecurity issues.