Work from home is one of the models businesses shifted to tackle the Covid-19 global pandemic, which has led to more businesses susceptible to cyber-attacks. Taking advantage of the event the attacks have rose by 600%. It’s likely you have already encountered an email, phone call, or text message scam related to Covid-19. Or, charities that claim to assist front line workers. Worse yet, those claiming to offer hand sanitizer, PPE or food. [1]
In the meantime, the world continues to watch for the future of viruses and lockdowns, but one thing is certain cybercrime will only continue to increase. Lockdowns have permanently changed how corporations conduct business. When reviewing work from home policies, companies need to consider security as a factor. Organizations that don’t need office space to be productive will never return to the office environment.
Exploiting this cybersecurity weaknesses in remote working, series of cyberattacks on video conferencing services have been conducted. Between February 2020 and May 2020 more than half a million people were affected by breaches in which the personal data of video conferencing services users (e.g., name, passwords, email addresses) was stolen and sold on the dark web. To execute this attack, some hackers used a tool called ‘OpenBullet’. [2]
Employees working from home can take steps to secure their networks. However, these countermeasures are not immune to disruption. It only takes a single click to compromise the entire network. Business in 2021 will be dominated by continued diligence from users and on-going investments from stakeholders to foster an ever more secure environment.
Cryptomining attacks gave cyber criminals an easy foothold into company networks. It was a year of massive data leaks, expensive ransomware payouts, and a vast, new, complicated threat landscape. And it was a year that saw cyber criminals up their threat game in a big way. [2]
Malware known as Ransomware is meant to restrict access to files and networks and to lock users out. Once the malware infects the system, threat actors will send a ransom note that usually demands payment.
Ransomware contributed to the first death from a cyber-attack in 2020, as a hospital in Germany was cut off from its systems and could not treat patients. A woman needing critical care was sent to nearby hospital, which was 20 miles away but did not survive.
Unfortunately, the industry trends are not promising. In a survey of 582 IT security professionals, 50% say their organisation is not prepared to defend against ransomware, because sophisticated ransomware kits are readily available on the dark web, this method is extremely lucrative for threat actors. [1]
Employees who work from home or on a computer are required to practice cyber hygiene habits (even those who use their company's equipment). Apply new technology and tools, companies can use advanced tools such as host checking. Constant Risk management, governance, risk and compliance (GRC) solutions should be developed. Prepare for the attacks. In these high-risk times, companies are advised to carry out frequent cyber crisis simulation exercises to prepare their response to a cyberattack.[2]
At Cybersecurity Link, we after evaluating the current IT infrastructure of an organization (network, apps, data, cloud) to identify areas for cybersecurity focus, we strategize using cybersecurity smart tools and our skilled consultants. You can work with our consultants to build a threat model and produce clear actions to mitigate the threats, Cybersecurity Risk Assessment (CRA) is such one service. If you are subscribed to various cloud services, then we provide comprehensive assessment called Cloud Security Risk Assessment (CLRA).
In conclusion, it is very important to assess the vulnerability of your business to cyber-attacks. Please refer to our services page (http://cybersecuritylink.com.au/services) to get more information on how to protect yourself from these events.
References:
[1] PurpleSec. 2021. 10 Cyber Security Trends You Can't Ignore In 2021. [online] Available at: https://purplesec.us/cyber-security-trends-2021/
[2] Nabe, C. (2020, December 15). Impact of COVID-19 on Cybersecurity. Deloitte Switzerland. https://www2.deloitte.com/ch/en/pages/risk/articles/impact-covid-cybersecurity.html
Comments