The country and economy are reopening, albeit slowly and cautiously. However, hackers and other digital bad actors have been busy coming up with new schemes that agencies must confront. Not only that, agencies must now rethink how they protect themselves.
Ransomware remains a top issue.
Ransomware is a type of malware that prevents an agency from using its computer or accessing specific files unless a ransom is paid. The malware often encrypts files to prevent them from being opened.
Patrick Keating, chief security officer and vice president of Philadelphia-based Conner Strong & Buckelew, said ransomware is increasingly no longer a random act but a targeted attack based on reconnaissance to determine weaknesses. He said perpetrators create legitimate emails to test what does and does not trigger a spam filter. Small agencies are not immune.
“This type of attack represents the next evolution in ransomware,” Keating said.
Hackers using ransomware also frequently attack the managed service provider’s network so they do not alert a client.
Another type of scam making the rounds is funds transfer fraud, in which a third party sends fraudulent instructions to an insured’s financial institution. The message appears to be sent by the insured but, in fact, is transmitted without their knowledge or consent. In several cases, agencies have been asked to send funds via ACH instead of by check, with the request citing Covid-19 as the reason for the change.
“Such a request sounds reasonable, of course, however it can’t be taken at face value,” Keating said.
Phishing scams have been well-documented, but the pandemic has spawned new versions that could affect both an agency and its clients. Some phishing emails appear to come from employers and target people working from home. Employers should tell employees working from home how they will communicate with them, and instruct them to contact the employer immediately if they are even slightly suspicious of a work-related email they receive.
Working from home creates other vulnerabilities. Keating said many companies have adopted a Bring Your Own Devices (BYOD) Policy, which allows an employee’s personal device to be connected to a network.
“Companies need to think how those devices are protected, either using same controls on company-owned devices or install other countermeasures,” he said.
According to the new 2020 Verizon Data Breach Incident Report, employees’ mistakes have also opened up companies to breaches, either through misconfiguration of cloud services or through data leakage from accidentally emailing PHI or PII to the wrong recipient. It is easy for employees to be distracted when working from home.
Most agencies do not have the resources to hire a full-time cybersecurity expert such as Keating. However, he said there are other steps agencies can take.
He said agencies should think about engaging services or a vCISO (virtual chief information security officer) to help create a strategy and roadmap to ensure systems and data are secured. In the meantime, agencies need to make sure they maintain continually updated anti-virus software on all devices and continue to train and educate their users. Obtaining a URL filter offers additional protection, though this step will require technical expertise.