Consumers and businesses alike have been taking steps to maintain their businesses in the wake of the escalating Coronavirus pandemic. Following the government’s recent advice firms have been encouraged to implement working from home strategies. Although these measures are necessary, they have opened up an advantageous opportunity for cyber criminals. Techniques seen since the start of the outbreak include phishing emails, malware and fraudulent websites claiming to sell goods. Security teams have identified fraudulent emails impersonating the World Health Organization (WHO), the emails are encouraging individuals to “click the link below to download safety measures”. Likewise similar phishing emails and text messages have been going out posing as the Government or NHS.
Cyber criminals have also impersonated the US Centre for Disease Control (CDC), creating domain names similar to the CDC’s web address to request passwords and even bitcoin donations to fund a fake vaccine.
Working From Home (WFH) – Increased number of remote working devices, opening gateways for hackers
As many businesses are opting to work remotely during the outbreak, this has opened up a whole new opportunity for hackers. In 2019, 80% of ransomware attacks were initiated through remote desktop protocol, however in the current state of affairs, WFH is one of the only options. Therefore we have detailed some cybersecurity recommendations to improve the hygiene of your risk management.
Ensure the correct authentication is in place
Everyone should be varying their passwords, however firms need to be sure multi-factor authentication is set up immediately. This is a process that requires more than just a password to protect an account, it consists of two pieces of unique data that can prove their identity. Implementing this will automatically reduce the chance of cyber criminals being able to hack into a business’s RDP.
Train employees on how to identify a bogus email
Brunel has partnered with KYND allowing us to offer a phishing tool which can test a firms knowledge on phishing emails. After the test you can use the results to build on with training materials and e-learning tools.
Prepare for business interruption
In short, prepare for the worst. With a whole firm working from home, one cyber incident could cause the whole company to go into turmoil. Therefore it’s imperative to have an incident response plan in place. If you are a cyber insurance policyholder you will have a breach manager who will guide you through the whole process getting you back on your feet as soon as possible.
Cyber insurance remains to be relatively inexpensive, with policies starting from £150 + IPT and can act as a vital tool to keeping business going in the wake of an attack of any kind.
Brunel is an independent broker and have access to a range of insurers who we have verified based upon their incident response qualities, policy wordings and prices.
If you would like us to source a quotation for a cyber policy, please contact Alex Cappuccio – firstname.lastname@example.org
The key piece of advice in the ever changing climate is to remain vigilant and assess the risk of your changing business environments.