The worldwide public health crisis caused by COVID-19 has also unleashed a wide variety of secondary and tertiary trends, and cyberattacks on numerous businesses are one of the most noteworthy examples of this.
Organizations that haven't experienced breaches or hacks thus far are by no means guaranteed to keep their systems safe. It's critical to take note of cybersecurity concerns that have become particularly relevant amid the pandemic – and if necessary, expand your team with talented information security professionals and C-level staff.
Attacks on unsecured endpoints
Many businesses transitioned to – and have largely maintained – fully or partially remote operations once it became clear that COVID-19 had rapidly grown to be a worldwide crisis. But this transition meant that there was no longer a uniform level of network security to protect all machines across the staff, because of how many employees used personal computers or mobile devices for their work (as opposed to company-issued tools).
According to TechRadar, this meant that malicious actors, when preparing to attack an organization, could simply look for host devices connected to the network far from company headquarters and focus their attacks there. Techniques such as mobile device management, endpoint security, and identity and access management are critical to mitigating this particular risk.
Phishing and social engineering
Phishing has been a popular cyberattack method for years, but it became even more prevalent amid the pandemic, according to Forbes. Additionally, phishing emails are only one method under the umbrella of social engineering attacks: Fraudulent text messages and phone calls can also be involved, and their prevalence has surged in the COVID-19 era as well.
Many phishing communications in this latest round looked like they came from the Centers for Disease Control and Prevention or the World Health Organization, which could easily trick someone without a proper understanding of cybersecurity.
Misinformation is one of the key weapons cyberattackers have leveraged in recent months, preying on people's fears of the COVID-19 coronavirus disease. Using websites mimicking the pages of government departments, public health organizations, banks and other trusted institutions, hackers dupe victims into clicking on links that trigger downloads of data harvesting tools and other malware. According to Interpol, these websites facilitated a 569% increase in malicious website registrations and 788% growth in high-risk registrations between February and March of 2020.
What businesses should do
While up-to-date antivirus solutions, vulnerability scanners, firewalls and other tools can detect and block some of the aforementioned hacks and breaches, increasing organizational awareness of these issues and instituting appropriate mitigation practices is just as important.
If your business lacks individuals qualified to oversee and implement such countermeasures, YES Partners can help you find and onboard them, whether you need a chief information security officer or senior cybersecurity analysts. To see some of the roles that we have already successfully placed, click here.
Finding people is easy, but finding the RIGHT people is not. YES Partners helps companies FIND the right people for all company functions, across many industries.