As more of America’s workers were asked to work from home due to the COVID-19 pandemic, cyber criminals jumped at the opportunity to take advantage, it seems.
Remote work means work being handled on the cloud as employees share files and need a convenient way to access them.
But cyber criminals are banking on workers letting down their guards when they work from home, so it’s no surprise that while cloud service usage among enterprises jumped 50% between January and April, external attacks on cloud accounts boomed 630% in the same period.
Also, hackers and other cyber scammers orchestrated systematic attacks on collaboration tools like Cisco WebEx, Zoom, Microsoft Teams and Slack, according to the “Cloud Adoption & Risk Report ― Work from Home Edition” report by McAfee.
The risk to enterprises cannot be overstated as criminals try to take advantage of the sudden shift to telecommuting by thousands and thousands of organizations as they try to cope with the COVID-19 pandemic and continue operating during stay-at-home orders.
Employees are your organization’s first line of defense. You can protect your company by encouraging personnel to be skeptical of e-mail from unfamiliar sources.
Training your staff
Before the COVID-19 crisis, PricewaterhouseCoopers simulated a phishing attack on mid- to large-size financial institutions, finding that:
- 70% of phishing e-mails were delivered to their targets, and
- 7% of recipients clicked on the malicious link
The danger with phishing and ransomware attacks is that it only takes on click, one missing endpoint agent, one failed alert, one unsuspecting employee, and the criminals can take control of your network and your cloud files.
Many of these attacks come in the form of what’s now called “social engineering attacks.” PwC recommends coaching all of your employees to take the following precautions, particularly on their mobile devices:
- Be skeptical of e-mails from unknown senders, or from familiar people (like your company’s CEO or your doctor) who do not usually communicate directly with you.
- Don’t click on links or open attachments from those senders.
- Don’t forward suspicious e-mails to co-workers.
- Examine the sender’s e-mail address to ensure it’s from a true account. Hover over the link to expose the associated web addresses in the “to” and “from” fields; look for slight character changes that make e-mail addresses appear visually accurate – a .com domain where it should be .gov, for example.
- Grammatical errors in the text of the e-mail are usually a sure sign of fraud.
- Report suspicious e-mails to the IT or security department.
- Install the corporate-approved anti-phishing filter on browsers and e-mails.
- Use the corporate-approved anti-virus software to scan attachments.
- Never donate to charities via links included in an e-mail; instead, go directly to the charity website to donate.
Cyber insurance
Cyber insurance is designed to protect your company by insuring you for network security issues, privacy, interruption to your business, media liability, and errors and omissions.
For phishing, ransomware and other cyber attacks, the network security and business interruption portion of the policy would mainly come into play.
Network security coverage – This includes first party costs. That is, expenses that you incur directly as a result of a cyber incident, including:
- Legal expenses
- IT forensics
- Negotiation and payment of a ransomware demand
- Data restoration
- Breach notification to consumers
- Setting up a call center
- Public relations expertise
- Credit and identity monitoring
- Restoration.
Business interruption – When your network, or the network of a provider that you rely on to operate, goes down due to an incident, you can recover lost profits, fixed expenses and extra costs incurred during the time your business was impacted. This includes loss arising from:
- Security failures, like a third party hack.
- System failure, such as a failed software patch or human error.