CyberGuide - Information Security and Cyber Risk Management

Cyber criminals prey on vulnerable, overwhelm networks in wake of COVID-19

By Maribeth Anderson and Emily Selck, Hub International

Cyber criminals are taking advantage of the COVID-19 pandemic to breach an increasing number of business and healthcare systems. Find out how to safeguard your organization’s network during this vulnerable period.

Viruses aren’t the only bad agents threatening businesses in the wake of COVID-19. Cyber criminals are taking advantage of vulnerable corporate networks now taxed by a remote workforce on laptops and healthcare networks working overtime to meet patient needs.

Cyber criminals are doing what they usually do – studying email correspondences, looking for holes in the way organizations are currently operating. They’re baiting curious and anxious employees with phony websites, impersonating healthcare organizations and then inserting malware into business networks. They’re creating false and even malicious coronavirus-related sites, targeting states with high infection rates to try to steal information and credentials.

The problem is business networks are not functioning the way they usually do. As a result, cyber criminals are finding more success than ever in targeting employees. Their efforts are leading to fraudulent transfers of funds and network breaches.

A network’s greatest cyber vulnerability is its own employees. Train workers to be even more vigilant now than when in the office with the following best practices:

  1. Report a cyber-crime immediately. Cyber-crimes are not reported to law enforcement at the same rate as other crimes are, but they should be. The FBI’s Cyber Division works exclusively on these crimes and can provide increased protection when they are reported.
  2. Secure virtual meetings.  Utilize the most up-to-date security protocols with Skype, Teams, Zoom or GoTo Meeting to prevent outsiders from “bombing” your meetings. Instead, use a per-meeting ID with a password each time and enable the “waiting room” feature to see who is attempting to join before providing them access. Disable the “join before host” option and lock the meeting from outsiders once it begins. Visit your video conferencing platform’s website for more information and video tutorials on new security features.
  3. Review current remote access policies. Inform employees of approved technologies and the proper ways to use them. Implement controls for all transfers of funds, regardless of the size and especially when there has been a change in a process or procedure. Similarly, remind your employees not to share personal or business-related confidential information.
    Internally, consider how to manage layoffs of remote workers should there be terminations during this stay-at-home period. Businesses will need a plan for how to lock-down and repossess work equipment in this scenario.
  4. Use strong Wi-Fi and passwords. While most employees are currently sheltering in place at home where Wi-Fi is encrypted, many are still using phones, iPads and other devices remotely to access their business email or intranet while in line at the grocery store. Ask employees to use robust passwords – not 123456. Maintain and update security patches regularly.
  5. Mandate reliable sites only. A child could easily and inadvertently open a door to a cyber breach using mom or dad’s work computer. Mandate that only employees use remote equipment and teach them to only frequent websites offering reliable data on the current crisis, like the CDC, WHO, Canada’s PHAC and FEMA sites.
  6. Identify a cyber breach response plan. While you likely don’t have the bandwidth to create a full plan right now, you can put together a one-page list of internal and external contacts necessary post-breach. Include contacts for law enforcement, all stakeholders – C-suite and directors and officers – your cybercrime insurance broker, a privacy attorney and a forensic investigator. Timing and communication post-breach will make or break it for an organization. This one-page list will be key to coming out on top.
  7. Review your cyber policy coverage today. Consult with your cyber insurance broker to analyze your coverage to determine which policy exclusions exist. For example, cyber coverage typically requires a written policy to be in place for employees to their own device for work, which applies to work from home situations as well. Without such a policy, your cyber coverage may not respond in the event of a breach. If necessary, edit your internal policies and procedures and alert employees of any new rules.

Taking control of your business’ cyber security is a greater challenge when employees and IT personnel are working remotely. However, it can be done! Create new policies and leverage them via distance training to turn the tables on cyber criminals and put your business back in the driver’s seat.

About the authors: Maribeth Anderson is assistant vice president and senior risk consultant for Hub International.  Emily Selck is the Cyber Liability Practice Leader for Hub International Midwest Limited’s Management and Professional Liability Group