Whenever there’s a shakeup of some sort, scammers swoop in to capitalize on our vulnerabilities. Since March 2020, when the COVID-19 pandemic began, we have seen a shakeup in our economy, our workplaces and our lives. As a result, cybercriminals are out in force trying to prey on vulnerable businesses and individuals.
Unfortunately, cybercrime became more sophisticated, widespread and relentless in 2021, according to a Microsoft Digital Defense Report.
I'd like to highlight the most common ways cybercriminals are trying to take advantage of businesses and consumers, and what you can do now to help prevent becoming a victim.
Increased Threats for Businesses
Since the start of COVID-19, many businesses found themselves more vulnerable to cyberattacks simply because of the way data is distributed. Each week, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) updates its website with recent vulnerabilities that were detected during the previous week. Many of the critical and high-severity vulnerabilities now stem from home network devices.
Before COVID-19, most companies had the bulk of their data stored on their network or in the cloud. With the increase of employees working remotely, much of that data has been spread out to user endpoints. This creates new threats because these networks are connected to countless workstations on home networks that may be tied to a variety of devices, such as HVAC systems, smart TVs, game consoles, and/or routers that haven’t been updated or properly secured.
Compounding this issue is the increased number of users within a given household who may be working from home. It’s not implausible for a company’s network to be hit through an employee’s home network only to have that virus infect a spouse’s company network, as well, setting up a complicated and costly scenario for litigation.
Increased Scam Activity
The growth of phishing is not gradual—it’s growing exponentially, with the Anti-Phishing Working Group estimating that phishing attacks doubled in 2020 alone.
Proofpoint, a leading cybersecurity and compliance company, and Ponemon Institute, a top IT security research organization, released a study in August 2021 on the Cost of Phishing. The report revealed that the cost of phishing attacks has almost quadrupled in the past six years, with large U.S. companies losing an average of $14.8 million annually (or $1,500 per employee).
“Because threat actors now target employees instead of networks, credential compromise has exploded in recent years, leaving the door wide-open for much more devastating attacks like BEC and ransomware,” said Ryan Kalember, executive vice president of cybersecurity strategy, Proofpoint. “Until organizations deploy a people-centric approach to cybersecurity that includes security awareness training and integrated threat protection to stop and remediate threats, phishing attacks will continue.”
Since the pandemic began, ransomware scammers have pivoted toward data exfiltration. In these scenarios, cybercriminals breach a company’s system, take its data and then threaten to release it if the company doesn’t pay. Besides doing long-term damage to a company’s reputation, these crimes can include costly ransoms. The Cost of Phishing report showed ransomware annually costs large organizations $5.66 million. Of that, $790,000 accounts for the paid ransoms themselves.
If your data is stolen, do not try to handle it on your own. There are experienced resources who can help you navigate this process—from reporting the breach to state and federal governments to negotiating ransoms. If you have cybersecurity insurance, that should be your first phone call. Your insurer can help you pull in additional legal and negotiating resources. If you don’t have insurance, contact a law firm that specializes in data exfiltration. All 50 states have data privacy and disclosure laws. The law firm will advise you on your reporting requirements so you’re not subject to penalties. The firm can also connect you to a cyber response company that is trained at negotiating with cybercriminals.
We have all heard about Zoom bombing, where an uninvited guest crashes a video conference. It’s important to know your company’s collaboration platform and take precautions to keep visitors out, such as putting passwords on meetings and using scheduled meetings rather than personal meeting rooms. Once a hacker infiltrates your video conference, there’s no telling what confidential information can be extracted.
Soon after the pandemic began, 41 million Americans filed for unemployment. Unfortunately, this creates the ideal environment for employment scams. One of the more common scams involves cybercriminals posting fake jobs on Indeed, LinkedIn or other recruiting resources under the guise of a legitimate company. From there, scammers set up fake interviews on platforms such as Google Hangouts and afterward send the applicant a letter offering them the job. At that point they ask the applicant to provide government ID and bank account information for direct deposit. Of course, the bank information is then used for nefarious purposes.
If you’ve been targeted in this type of scam—as a business being falsely represented or as an applicant—you should file a report at IC3.gov and with local law enforcement. People who are seeking employment should apply for positions on a company’s website instead of using a third-party recruiting resource, or call the company’s HR representative and verify the interview.
Businesses Beefing Up Security
Businesses simply can’t afford the financial risks of cyberattacks. According to Ponemon Institute, when people learn that an organization paid millions to resolve a ransomware issue, they assume that fixing it cost the company just the ransom. What Ponemon Institute found is that ransoms alone account for less than 20 percent of the cost of a ransomware attack. Because phishing attacks increase the likelihood of a data breach and business disruption, most of the costs incurred by companies come from lost productivity and remediation of the issue rather than the actual ransom paid to the attackers.
From a cyber perspective, corporate America might never get back to its old version of normal. Initially, many businesses took patchwork steps to get their remote capacity up to speed quickly. Now, they’re taking the time to step back and re-evaluate, if not re-architect, how they’re connecting to their users and making sure those connections aren’t putting them at risk.
What Businesses Can Do to Safeguard Data
Marco offers a number of solutions that help you assess your risk and take steps toward safeguarding your data. In many cases, the cost of these security tools can be as low as a couple hundred dollars a month.
Baseline or Hardening
This is a one-and-done process that alleviates many issues, yet most organizations don’t spend adequate time going through these basic steps. Baseline or hardening includes shutting off services that are no longer needed, changing default usernames and passwords, and patching your systems, to name a few. Most organizations that are hit with one of the scams mentioned above are deficient in some of these areas.
Multi-Factor Authentication
Similar to having a PIN for your ATM, multi-factor authentication verifies your users by implementing other forms of verification beyond a username and password.
Endpoint Detection and Response
With so many users working from home, this safeguard is critical. It involves a simple agent that’s installed on endpoints and your server to detect and respond to threats as they happen and provide malware analysis. These advanced tools go well beyond the traditional antivirus products that have ruled the market.
Environment Logging or Security Information & Event Management (SIEM)
This solution collects log data from all network devices, aggregates it and analyzes it through a security lens. In essence, it provides a 40,000-foot view of your business and picks up things like business email compromise, successful firewall breaches and other types of attacks.
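To make the "collect, aggregate, analyze" idea concrete, here is a small added example (not Marco's product or any vendor's code) that does in miniature what a SIEM does: it normalizes log lines from two different devices (a mail server and a firewall) into one event shape, then runs three correlation rules across them. The log lines, the user-to-address baseline and the rule names are all constructed for the example; the rules flag repeated failed logins followed by a success, an external forwarding rule created from a login source the user has never used (a common business email compromise indicator), and a firewall "allow" from an address that was just denied on many ports.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (no real systems involved). Each line: ISO timestamp,
# the device that produced it, then key=value pairs. A real SIEM normalizes dozens
# of vendor formats into a shape like this before any rule runs.
SAMPLE_LOGS = [
    "2021-09-01T08:00:05Z mail event=login user=alice result=fail src=203.0.113.10",
    "2021-09-01T08:00:09Z mail event=login user=alice result=fail src=203.0.113.10",
    "2021-09-01T08:00:14Z mail event=login user=alice result=fail src=203.0.113.10",
    "2021-09-01T08:00:21Z mail event=login user=alice result=success src=203.0.113.10",
    "2021-09-01T08:03:40Z mail event=inbox_rule user=alice action=forward_external",
    "2021-09-01T08:05:00Z mail event=login user=bob result=success src=198.51.100.7",
    "2021-09-01T08:06:00Z mail event=inbox_rule user=bob action=forward_external",
] + [
    # Constructed firewall denies: one source probing eight ports in a row.
    f"2021-09-01T09:10:{s:02d}Z fw event=deny src=192.0.2.55 dst=10.0.0.5 dport={p}"
    for s, p in enumerate((21, 22, 23, 25, 80, 443, 445, 3389))
] + [
    "2021-09-01T09:11:00Z fw event=allow src=192.0.2.55 dst=10.0.0.5 dport=3389",
]

# Constructed baseline: the source addresses each user normally signs in from.
KNOWN_SOURCES = {"alice": {"198.51.100.4"}, "bob": {"198.51.100.7"}}


def parse(line):
    """Normalize one raw line into a dict with a real timestamp and device name."""
    ts, device, *pairs = line.split()
    ev = dict(p.split("=", 1) for p in pairs)
    ev["ts"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
    ev["device"] = device
    return ev


def rule_failures_then_success(events, threshold=3, window=timedelta(minutes=10)):
    """Repeated failed logins for a user/source pair, then a success inside the window."""
    alerts = []
    recent = defaultdict(deque)  # (user, src) -> timestamps of recent failures
    for ev in events:
        if ev.get("event") != "login":
            continue
        q = recent[(ev["user"], ev["src"])]
        while q and ev["ts"] - q[0] > window:  # drop failures outside the window
            q.popleft()
        if ev["result"] == "fail":
            q.append(ev["ts"])
        elif len(q) >= threshold:
            alerts.append({"rule": "failures_then_success", "user": ev["user"],
                           "src": ev["src"], "failures": len(q)})
            q.clear()
    return alerts


def rule_forward_from_unknown_source(events, known_sources):
    """External forwarding rule created in a session that began from an unfamiliar address."""
    alerts = []
    last_src = {}  # user -> source of the most recent successful login
    for ev in events:
        if ev.get("event") == "login" and ev["result"] == "success":
            last_src[ev["user"]] = ev["src"]
        elif ev.get("event") == "inbox_rule" and ev.get("action") == "forward_external":
            src = last_src.get(ev["user"])
            if src not in known_sources.get(ev["user"], set()):
                alerts.append({"rule": "forward_from_unknown_source",
                               "user": ev["user"], "src": src})
    return alerts


def rule_scan_then_allow(events, threshold=5):
    """A source denied on many distinct ports, followed by an allowed connection from it."""
    alerts = []
    denied_ports = defaultdict(set)  # src -> ports the firewall denied
    for ev in events:
        if ev.get("device") != "fw":
            continue
        if ev["event"] == "deny":
            denied_ports[ev["src"]].add(ev["dport"])
        elif ev["event"] == "allow" and len(denied_ports[ev["src"]]) >= threshold:
            alerts.append({"rule": "scan_then_allow", "src": ev["src"], "dst": ev["dst"],
                           "dport": ev["dport"], "ports_probed": len(denied_ports[ev["src"]])})
    return alerts


def run_rules(lines, known_sources=KNOWN_SOURCES):
    """Aggregate every device's lines into one time-ordered stream and run all rules."""
    events = sorted((parse(line) for line in lines), key=lambda e: e["ts"])
    return (rule_failures_then_success(events)
            + rule_forward_from_unknown_source(events, known_sources)
            + rule_scan_then_allow(events))


if __name__ == "__main__":
    for alert in run_rules(SAMPLE_LOGS):
        print(alert)
```

On the constructed input this raises three alerts: alice's three failures and then a success from 203.0.113.10, the forwarding rule alice then creates from that unfamiliar address, and the allowed connection from 192.0.2.55 after it was denied on eight ports. Bob's forwarding rule is not flagged because his login came from a baseline address, which is the point of correlating across sources: no single log line is suspicious on its own.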
Identify and Assess
Marco offers a range of cybersecurity services and provides solutions such as Managed IT and UnifyIT, a customizable solution for businesses with an IT department already in place. With Marco's Managed IT or Co-Managed IT services, you can augment your IT team with the tools and expertise you need to monitor your network, manage security and support users, so you can focus on your organization’s strategic priorities.
With Managed IT and UnifyIT, Marco’s technology and cybersecurity professionals work with your IT team, while following a security strategy consistent with the National Institute of Standards and Technology Cybersecurity Framework. Connect with one of Marco's Technology Advisors to learn how you and your employees can take steps to protect company data.