An exponential increase in telework prompted by the COVID-19 pandemic has led to a parallel increase in cyberattacks, requiring companies to actively monitor cyber risks. On Pillsbury’s Industry Insights podcast series, colleague Brian Finch, a partner in the Government Law & Strategies group and co-leader of the COVID-19 taskforce, discussed two types of threats that have skyrocketed in the current crisis. The following describes three key takeaways on the increased risk for cybersecurity and measures businesses should take to mitigate threats in the case of a cyberattack.
- Be aware of the surge in social engineering and fund diversion scams in connection with the pandemic.
Cybersecurity threat firms have reported record surges in social engineering scams and fund diversion scams where targets are asked to provide personal information–e.g., passwords and user IDs–or to divert money into fraudulent bank accounts, in exchange for the latest information on the coronavirus. Malicious cyber actors steer victims to websites in connection with COVID-19 information or economic relief that are preloaded with malware that steals information. For instance, one company sent a six-figure wire transfer to a malicious cyber actor posing as a legitimate vendor in response to an email. The company’s insurance policy covered its losses, but the incident prompted preventative changes to internal controls and payment systems.
- Actively monitor network connections for cyber risks.
Law enforcement, the private sector, and cybersecurity professionals have reported an increase in cyberattacks from sophisticated bad actors like Iran, China, North Korea, among others. The sudden, unprecedented transition from working in the office to working from home caused a surge in remote traffic that has created opportunities for malicious cyber actors to use techniques and tools, like compromise networking gear and stolen passwords in virtual private networks, to steal valuable information or install malware that can potentially be very disruptive. For instance, one cybersecurity company noted a significant wave of cyberattacks coming from China as the country implemented lockdown during the midst of the COVID-19 outbreak. In addition, the FBI has reported a significant spike of cyberattacks on hospitals, testing labs and pharmaceutical companies. Companies’ experiences have demonstrated that it is important not only to install reliable, stable network connections but also to monitor such connections for cyberattacks.
- Implement a crisis management suite.
Businesses that fall victim to cyberattacks are strongly encouraged to implement a comprehensive crisis management suite that includes: counsel; incident response firms to help locate the adversary and get them out; public relations companies to discuss the how the breach happened and the resulting damage to business; and insurance brokers and carriers as well as insurance coverage attorneys. In addition, companies should contact regulators and indicate that private information has been stolen and generate disclosure requirements to states or federal regulators.