As working from home becomes the new normal, organizations need strong cybersecurity measures to avoid becoming victims of costly cyberattacks.
As the COVID-19 crisis unfolded, a wide variety of workforces transitioned to a remote environment. This move to working from home has changed the way employees interact with technology—and raised organizational cybersecurity risk.
Hackers have already adapted their attacks to exploit people’s concerns about the COVID-19 pandemic.1 Even before the crisis, cyberattacks were evolving in terms of sophistication and the avenue of attack used.
It’s also clear that reopening the economy isn’t going to mean an immediate return to the office. Working from home is going to be the new normal for many, including tech giants such as Facebook and Twitter, which have adopted permanent company-wide opt-in remote work policies.2 According to Facebook CEO Mark Zuckerberg, Facebook will not limit these policies to current employees; rather, the company will begin “aggressively” opening up remote hiring.3 Organizations with strong cybersecurity policies and procedures will find themselves better able to prevent or mitigate breaches in this new normal environment.
The High Cost of Ransomware
Independent of the coronavirus pandemic, the nature of cyberattacks has been changing in recent years. Ransomware attacks, in which cybercriminals encrypt an organization’s files and threaten to destroy or sell sensitive information unless they receive a ransom payment, have become significantly more frequent and destructive. In 2019 alone:
And the attacks have continued to mount—in June 2020, Columbia College in Chicago, Michigan State University, and the University of California, San Francisco, were hit by ransomware attacks in the same week.5
Ransomware attacks cause lasting damage regardless of a company’s specialty or industry. The consequences of a breach can be devastating, and ransomware demands now routinely run into six and seven figures. Ransomware attacks can shut an organization’s systems down for weeks or even months at a time, racking up millions of dollars of costs in lost productivity and IT expenses, not to mention the effects of negative publicity and potential regulatory fines.
Current Avenues of Attack
Complicating matters further, ransomware is no longer delivered exclusively via fraudulent email. Current avenues of attack include:
Strengthen Your Defenses
Unfortunately, organizations have few good ways to protect themselves from being targeted. Employees need open channels for communication, especially in a world where physical interactions have been curtailed. As a result, organizations must focus on ways to prevent potential attackers from gaining entry to their systems—and ways to detect successful breaches quickly while mitigating potential damage.
Here are five ways you can improve your organization’s protection in today’s work-from-home environment and beyond:
What To Do If You Suspect Fraud
If you receive a fraudulent email or if you believe you or your organization have become a victim of fraud, help protect your financial interests by taking these steps:
To learn more about Wilmington Trust and M&T Bank’s cybersecurity efforts, please visit Cybersecurity and You.
Sources:
1 The Verge, “Google saw more than 18 million daily malware and phishing emails related to COVID-19 last week,” April 16, 2020. https://www.theverge.com/2020/4/16/21223800/google-malware-phishing-covid-19-coronavirus-scams
2 Variety, “Twitter Will Let Employees Work from Home Permanently,” May 12, 2020. https://variety.com/2020/digital/news/twitter-work-from-home-forever-coronavirus-1234604586/
3 Variety, “Facebook Shifting to Permanent Work-from-Home Status for Many Employees,” May 21, 2020. https://variety.com/2020/digital/news/facebook-permanent-work-from-home-1234613548/
4 Emsisoft, “The State of Ransomware in the US,” December 12, 2019. https://blog.emsisoft.com/en/34822/the-state-of-ransomware-in-the-us-report-and-statistics-2019/
5 Infosecurity, “Ransomware Strikes Third US College in a Week,” June 8, 2020. https://www.infosecurity-magazine.com/news/ransomware-strikes-third-us/
6 MSSP Alert, “Ransomware, Phishing, Botnets Top ‘Nastiest’ Malware in 2019,” November 4, 2019. https://www.msspalert.com/cybersecurity-research/ransomware-phishing-botnets-top-nastiest-malware-in-2019/
7 Health IT Security News, “Ransomware Attacks on Healthcare Providers Rose 350% in Q4 2019,” March 9, 2020. https://healthitsecurity.com/news/ransomware-attacks-on-healthcare-providers-rose-350-in-q4-2019
This article is for informational purposes only and is not intended as an offer or solicitation for the sale of any financial product or service. This article is not designed or intended to provide financial, tax, legal, investment, accounting, or other professional advice since such advice always requires consideration of individual circumstances. If professional advice is needed, the services of a professional advisor should be sought. There is no assurance that any investment, financial, or estate planning strategy will be successful.
What can we help you with today