How much time? Weeks, months, or even years, as The Wall Street Journal reports. Nicolas Fischbach, chief technology officer of cybersecurity firm Forcepoint LLC, tells the newspaper that foreign actors and organized crime groups can afford to play the long game.

Stephen Breidenbach, a cybersecurity and privacy lawyer at Moritt Hock & Hamroff LLP, also cautions that not all hackers cashing in on coronavirus fears are looking to make a quick buck. Some groups could access networks during the tumult and then stick around in stealth until they find trade secrets, bank account details or other information they deem of financial or political value, he said.

Hackers’ projected patience underscores the long-term information security risks of the coronavirus as organizations grapple with a slowing economy. Under-resourced information technology departments could fall behind on crucial network systems updates. Dormant businesses may be ripe targets.

Debbie Gordon, chief executive of Cloud Range Cyber LLC, told the Journal that IT teams may find it hard to balance helping employees and defending against security threats if a recession slashes their budgets. Earlier in March, sophisticated hackers tried unsuccessfully to access the computer networks of the World Health Organization, as Reuters reports. WHO Chief Information Security Officer Flavio Aggio said that cyber attacks on the agency had doubled as it confronted the pandemic. Other sources briefed on the matter told Reuters they suspected that DarkHotel, a hacker group dating at least to 2007, was behind the WHO attack.

Some hackers are using a bogus link that looks like it belongs to the U.S. Department of Health and Human Services as a way of tricking people into stealing malware, as The Washington Post notes. Banks in the United States and the United Kingdom are ramping up their anti-fraud efforts with social media campaigns and 24-hour victim support hotlines.