By Brett Morgan
In the days since the coronavirus outbreak, millions of Americans have been adjusting to the new normal of practicing safe social distancing measures. For many, this includes working from home and spending more time online. Cybercriminals are seeking to exploit the situation by increasing their efforts to gain access to sensitive data.
According to Trend Micro, “The coronavirus disease (COVID-19) is being used in a variety of malicious campaigns including email spam, BEC, malware, ransomware, and malicious domains. As the number of those afflicted continue to surge by thousands, campaigns that use the disease as a lure likewise increase.”
Ransomware is malware that exploits security weaknesses to infiltrate a company’s computer system, then takes their information hostage. Once cyber criminals gain access to the system, they can lock a business’ computers down, encrypt sensitive information, and threaten to release it to the public unless a ransom is paid.
Last month, cybercriminals sought to capitalize on heightened public fear by selling an interactive map tracking the spread of COVID-19. According to Secure World Expo, the map “loads a fully working online map of infected areas and other data. The map is resizable, interactive, and has real time data from World Health Organization and other sources.” Although it looks legitimate, the map is infected with malware. Once a user downloads the program to view the map, they are actually downloading malicious software that could give cyber criminals access to sensitive data or critical system controls.
Phishing, or social engineering, is a method used by hackers to trick victims into divulging sensitive information through emails or other platforms with a sign-on function. Email is an easy access point and hackers can deploy massive attacks by sending out blanket emails waiting for a bite — giving them access to your business’ sensitive information — or worse, your customers’ personal information.
According to Norton, “Cybercriminals have sent phishing emails designed to look like they’re from the U.S. Centers for Disease Control. The email might falsely claim to link to a list of coronavirus cases in your area. ‘You are immediately advised to go through the cases above for safety hazard,’ the text of one phishing email reads.”
Data breach prevention
Fortunately, there are preventative steps that your business can take to protect itself and help ensure the safety of your networks. Here are some best practices that you can implement before a cyberbreach occurs to make sure that your information technology systems are protected.
Update all of your operating systems, and keep them up to date. Updating your computer with the latest version of the operating system will fix any bugs and help prevent a potential hacking attempt.
Install a firewall and keep it up to date. A firewall will insulate your systems from a possible hack and your employees will be able to work without interruption.
Install the latest software that protects against spyware, phishing attempts, and viruses. This software helps ensure maximum protection against cyberhacking attempts.
Make sure that software is patched and updated on a consistent basis.
Exercise caution when it comes to your company’s wireless network(s) and stored information. Conceal your company’s Wi-Fi name and use an encryption to safeguard sensitive information.
Educate your workforce so they are aware of steps they can take to protect themselves and your organization and any potential client information. Given that many organizations have moved to a work-from-home model, it's more important than ever to remind your employees about these policies and have regular, proactive communication about expectations. Review computer usage policies and other related email and social network policies to ensure that all employees are in compliance and understand what is expected of them.
In these uncertain times, businesses are facing threats to their data from malignant actors. While cybercrime may not be entirely avoidable, there are steps that you can take to minimize the likelihood of your systems being breached. Having a prevention plan in place, following best practices, educating your employees, and having proper cyber liability insurance coverage can protect your business from the financial and operational dangers of a cyber security breach.
When creating your cybersecurity strategy, focus on prevention, resolution, and restitution. While prevention should be your primary focus, data breaches are sometimes unavoidable, so it is wise to have a plan in place in the unfortunate event that you are faced with a breach. Be prepared for any repercussions the threat may have caused, including loss of trust from employees and customers.
If you experience a security breach, cyber liability insurance can provide protection. Your main concern after a breach should be minimizing the amount of compromised data and working with your insurance provider to rectify the issue and manage any losses. It's easy and quick to obtain a quote.
Original article shared here: