The coronavirus pandemic has shifted millions of employees to remote work set-ups and has prompted governments to disperse financial aid, about which businesses and individuals can find information online. In turn, cybercriminals have preyed on the cybersecurity vulnerabilities that remote workers often have, seen recently in reports that remote workers have been targeted by up to 65,00 Google-branded impersonation attacks, as well as releasing a spate of malicious websites that seek to scam or misinform people about governments’ financial assistance programs.
“Cybercriminals read the paper and read news online so they look for crises and they use those to drive cybercrime,” said Brian Lapidus (pictured), global practice leader for Kroll’s identity theft and breach notification practice. “We’re seeing cybercriminals really take advantage of the chaos that a pandemic causes.”
From a business perspective, the Kroll team has seen malware being introduced into organizations via communications involving COVID-19. An employee might be tempted to open an attachment that is touting masks or testing for employees, for instance, and that, in turn, can quickly introduce malware into a network.
The fact that the pandemic has coincided with tax season has amplified the potential scams that businesses and individuals have been exposed to during this time. Lapidus noted that from the start of the year until the tax deadline, Kroll sees an annual spike in tax-related scams, such as criminals calling consumers posing as the tax agency.
“Now it’s magnified because the criminals are taking advantage of a probably harried staff. People may think ‘I got an email from my CEO, he must need this now’ without taking a beat and asking, ‘do I usually get an email from my CEO asking for a 1099, W-2 or T4,’” said Lapidus.
Read more: CSE to take down over 1,000 scam websites
Another exposure during this time of remote work is that employees could be using less secure networks. For example, if they need to sign and print a form, but can’t connect their work computer to their home printer, they might send that document to their personal computer that doesn’t have the same security safeguards installed.
“Those are various entry points of things that are not considered normal for a business and all that person’s doing is their job, but because they’re working from home and it’s a different rhythm and a different set of processes, they’re potentially introducing other risks into the company,” explained Lapidus.
With remote work likely to continue for many businesses into the future, there are a few measures companies can take to protect their networks. These include buying cyber insurance to protect their bottom lines from significant losses should a breach or hack occur. Other protocols can involve reminding employees via training to be mindful of suspicious emails and websites, and ensure communications are from a trusted source by confirming this with the sender using another method of contact, among other measures that leadership can implement.
“Make sure you know where your data is and how to recall it if you have a ransomware event,” added Lapidus. “Preparation is the best defence, so understand what you would do if these things happen. Make sure that you have had a tabletop exercise in the last quarter or done things to make sure that should something happen, you’re better able to handle it.”