Phishing for Credentials During a Pandemic – The Risk of Ransomware
The challenges brought on by the COVID-19 Pandemic in 2020 have been significant for all of us on both a personal and professional level. If you’re a business owner, or in charge of information technology for your company, a ransomware attack is a nightmare scenario you wouldn’t wish upon anyone. Unfortunately, cybercriminals are using COVID-19 themed lures to launch phishing attacks and take advantage of employees’ concerns about the pandemic.
In its third-quarter phishing report, cybersecurity consultant KnowBe4 found that subject lines relating to COVID-19 accounted for 56% of all subject lines analyzed. Ask anyone to describe their emotional state regarding the pandemic, and you’ll likely hear stress, fear, and anxiety, to name a few. Cybercriminals exploit these emotional responses, knowing that people under high stress are likely to react to such emails immediately rather than scrutinize them. The report warns professionals everywhere to be wary of emails with subject lines containing the following keywords and phrases:
- COVID-19 Awareness
- Coronavirus Stimulus Checks
- List of Rescheduled Meetings Due to COVID-19
- Confidential Information on COVID-19
- COVID-19 – Now airborne, increased community transmission
5 Key Strategies for Protecting Against Phishing
What can you do to help keep your company and your data secure? Consider these five key steps:
- Educate, Educate, Educate! – Education and awareness matter. Employees and other users of your systems are the first line of defense. Many cybersecurity companies offer employee training services as well as tools for running simulated phishing campaigns. At a minimum, give employees a practical guide to what to look for when examining email attachments and website links, since either can deliver ransomware.
- Review Your Backup Policy – Ensure that you have a strong backup policy in place for all your important data, and keep in mind that the architecture of your backups is just as important as their quality. Use an “air gap” backup strategy or a tape backup strategy so that, at any given time, a copy of your company’s data is offline and out of reach of an attacker who has compromised the network. Periodically testing restores from these backups is the best way to confirm that the process actually works.
- Create an Incident Response Plan – Think through how your company would handle a ransomware attack. Use the plan to define the recovery sequence for servers so that key business processes can be brought back up in the right order. Lay out timelines, roles, and responsibilities for a well-structured response, and then test and review the plan annually to capture changes in the business, personnel, vendors, and so on. Being prepared for the worst-case scenario helps you stay calm and make sound decisions if an incident does occur.
- Consider a Professional Evaluation – A professional cybersecurity assessment is a powerful way to verify that your network is secure and that your policies and procedures are doing everything necessary to protect your business or organization. A professional assessment report includes findings and recommendations along with the detailed steps taken and sample test results. It is another layer of assurance for your business and provides greater peace of mind.
- Consider Investing in Cyber Insurance – Consider a cyber insurance policy as a hedge. Once you have taken the steps necessary to build a strong control environment, insuring your company against a ransomware attack is the logical complement. Cyber insurance helps cover losses and provides key resources for handling the attack. Ransomware demands often start at the million-dollar mark or higher, and settlements often run well into six figures, while the cost of cyber insurance is much less than that. Looking at the numbers, it seems like a no-brainer.
Talk with a Cybersecurity Expert
The Barnes Dennig System Assurance team conducts cybersecurity assessments and helps companies stay compliant with SOC 1, 2, & 3, PCI DSS, HIPAA, GDPR, and many other compliance frameworks, and we’re passionate about helping companies evolve their policies and procedures to build stronger control environments. If you have questions or a story to share, or would like to talk about cybersecurity or compliance for your organization, contact us. We’re here to help.