Whenever there’s a shakeup of some sort, scammers swoop in to capitalize on our vulnerabilities. In the last four months, COVID-19 certainly caused a shakeup in our economy, our workplaces and our lives. As a result, cyber criminals are out in force trying to prey on vulnerable businesses and individuals.
This blog highlights how COVID-19 has made some organizations more vulnerable than ever, the most common ways cyber criminals are taking aim at businesses and consumers, and what you can do to help prevent becoming a victim.
INcreased Threat Landscapes for Business
Since the start of COVID-19, many businesses are finding themselves more vulnerable to cyberattacks simply because of the way data is now being distributed. Each week, the US Cybersecurity and Emergency Response Team (CERT) releases the vulnerabilities that were detected during the previous week. Many of the critical and high severity vulnerabilities now stem from home network devices.
Before COVID-19, most companies had the bulk of their data on their network or in the cloud. With the increase of employees working remotely, much of that data has been spread out to user end points. This creates a host of new threats, because these networks are now connected to countless work stations on home networks that may be tied to a variety of devices, such as HVAC systems, smart TVs, game consoles, and/or routers that haven’t been updated or properly secured.
Compounding this issue is the increased number of users within a given household who may be working from home. It’s not implausible for a company’s network to be hit through an employee’s home network only to have that virus infect a spouse’s company network as well, setting up a complicated and costly scenario for litigation.
INcreased scam activity
According to the Carbon Black, phishing scams are up 238%. Some of the scams involve soliciting fake payroll protection loans or personal protective equipment (PPE). In the latter case, the scammers pose as employers providing employees with instructions on how to wear their PPE. The email may include a video that recipients are instructed to view. In other cases, the scams may target employees with information about updating their systems or viewing new network policies. In addition to these scams, cyber criminals are also capitalizing on changes to the tax deadline by posing as the IRS. The primary goal for these scammers is acquiring credentials such as user name and password information. A secondary goal can be targeting the user with ransomware.
In recent months, ransomware scammers have pivoted toward data ex-filtration. In these scenarios, cyber criminals breach a company’s system, take its data and then threaten to release it if the company doesn’t pay. Besides doing long-term damage to a company’s reputation, these crimes can include costly ransoms. A $50,000 minimum asking price is not uncommon, with the average in 2019 increasing $111,605.
If your data is stolen, do not try to handle it on your own. There are experienced resources who can help you navigate through this process—from reporting the breach to state and federal governments to negotiating ransoms. If you have cybersecurity insurance, that should be your first phone call. Your insurer can help you pull in additional legal and negotiating resources. If you don’t have insurance, contact a legal firm who specializes in data ex-filtration. All 50 states now have data privacy and mandatory disclosure laws. The legal firm will advise you on your reporting requirements so you’re not subject to penalties. The firm can also connect you to a cyber response company who’s trained at negotiating with cyber criminals.
We’ve all heard about Zoom bombing, where an uninvited guest crashes a video conference. It’s important to know your company’s collaboration platform and take precautions to keep visitors out, such as putting passwords on meetings and using meetings as opposed to personal rooms. Once a hacker infiltrates your video conference, there’s no telling what confidential information can be extracted.
In the last three months, 41 million Americans have filed for unemployment. Unfortunately, this creates the ideal environment for employment scams. One of the more common scams involves cyber criminals posting fake jobs on Indeed, LinkedIn or some other third-party recruiting resource under the guise of a legitimate company. From there, scammers set up fake interviews on platforms such as Google hangout and, afterwards, send the applicant a letter offering them the job. At that point they ask the applicant to provide government ID and bank account information for direct deposit. Of course, the bank information is then used for nefarious purposes.
If you’ve been targeted in this type of scam—as a business being falsely represented or as an applicant—you should file a report at IC3.gov and with local law enforcement. If you’re seeking employment or know someone who is, apply for positions on a company’s website versus using a third-party recruiting resource or call the company’s HR representative and verify the interview to prevent being scammed.
Businesses Beefing up security
Several national security groups have noted that more and more businesses are recognizing these increased threats and taking action to safeguard their data. Five months ago, many businesses had a much lower risk tolerance toward ransomware. Today these businesses simply can’t afford the financial risks of cyberattacks.
From a cyber perspective, corporate America may never get back to our old version of normal. Initially, many businesses took patchwork steps to get their remote capacity up to speed quickly. Now they’re taking the time to step back and re-evaluate, if not re-architect, how they’re connecting to their users and making sure those connections aren’t putting them at risk.
What Businesses Can do to Safeguard
Marco offers a number of solutions that help you assess your risk and take steps toward safeguarding your data. In many cases, the cost of these security tools can be as a low as a couple hundred dollars a month.
Similar to having a PIN for your ATM, multi-factor authentication verifies your users by implementing other forms of verification beyond a user name and password.
End point protection
With so many users working from home, this safeguard is critical. It involves a simple agent that’s installed on end points and your server to detect and respond to threats as they happen and provide malware analysis. These advanced tools go well beyond the traditional antivirus products that have ruled the market.
Environment Logging or Security information and event management (siem)
This solution collects information across all network devices, aggregates that data and analyzes it through a security lens. In essence, it provides a 40,000-foot view of your business and picks up things like business email compromises, successful firewall breaches and other types of attacks.
Baseline or Hardening
This is a one-and-done process that alleviates many issues, yet most organizations don’t spend adequate time going through these basic steps. Baseline or hardening includes shutting off services that are no longer needed, changing default user names and passwords, and patching your systems, to name a few. Most organization that are hit with one of the scams mentioned above are deficient in some of these areas.