The ways companies risk security in a crisis: external threats - SearchInform

26.05.2020

A pandemic, an oil collapse, a global economic crisis: there are enough reasons for concern in 2020. However, these are not the only factors that will influence businesses all over the world. While companies are taking measures to stay financially stable and keep employees healthy, there are those who are ready to profit from the situation.

The analytical company Verizon reported that at the peak of the 2008-2009 crisis the scale of corporate data theft increased: during 2004-2007, 230 million records were compromised, and in 2008 more than 285 million records were leaked. At the same time, the number of hacks (+5%), malware infections (+7%), and insider actions (+2%) aimed at stealing data increased.

During the same global crisis of 2008-2009, Cisco recorded a spike in spam and phishing mailings in the G20 countries. On average, their number increased by 71%. This demonstrates that attackers exploit panic and high-profile topics to lure out your data.

This situation repeats itself.

External risks

For malicious outsiders, inattentive employees are the entry point to the company's infrastructure. Attackers catch them through phishing.

The first variant is via email. Amid the current coronavirus pandemic, fake letters purporting to come from WHO, ministries of health and other competent authorities with the latest data on the disease have already spread. They are aimed at a mainstream audience. Niche options are messages from regulators, for example, new sanitation requirements from the Public Health Ministry, new rules for sick leave payment from the Ministry of Labor, etc. These kinds of emails are the most dangerous for business.

As a rule, fraudsters add malicious links to emails. Sometimes they attach real reports and instructions that contain malicious software. It can be a virus, spyware or ransomware: if you “contract” it, your data will leak or be blocked.

The second variant is through sites and applications that pose as trackers of the disease's spread. They steal usernames, passwords, and billing information. If employees who use corporate devices fall for this trick, the attackers will have access to corporate accounts and services.

The third is the so-called BEC attack against companies. It is possible if fraudsters have obtained corporate account data or confirmed email addresses of employees. In this case, employees are sent letters on behalf of the management or counterparties and are asked to make a payment under various pretexts. As a rule, the letters claim that an urgent transaction may otherwise be canceled. When part of the staff is forced to work remotely, it is more difficult for employees to make sure that it is really their bosses addressing them, because they cannot look into the office. As a result, victims take the attackers' word for it, and companies lose their money.

How to protect yourself?

•    Conduct training. Tell employees about the tricks scammers use and how to recognize the threats.
•    Create memos. For example, that @who.com, @who.org or @who-safety.org addresses are not related to WHO, or that sudden requests for payment from a boss have to be confirmed through three deputies, and so on.
•    Test your employees. Instruct the security department to send out a fake letter and check whether the employees heeded the warnings, and who opened the letter, clicked the link or downloaded the attachments. Brief those who were inattentive once more.
•    Strengthen technically. Check that all employees’ PCs have the latest updates of the operating system and programs, and especially current versions of antivirus software. Update the settings of anti-spam filters on email servers and of firewalls on all network devices. This will reduce the likelihood that malicious and phishing messages will reach recipients in your team.
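
The memo rule about WHO lookalike addresses can also be enforced by the mail filter instead of relying on memory alone. The following is an added example, not SearchInform's code: the function names, the display-name pattern, the sample messages and the assumption that who.int is WHO's genuine domain are all illustrative.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Lookalike domains named in the memo example above.
LOOKALIKE_DOMAINS = {"who.com", "who.org", "who-safety.org"}
# Assumption: who.int is WHO's genuine domain; list your own trusted senders here.
TRUSTED_DOMAINS = {"who.int"}
# Display names that claim to speak for WHO (pattern is an assumption).
BRAND_PATTERN = re.compile(r"\bwho\b|world health organi[sz]ation", re.I)

def in_domain_set(domain, domains):
    """True if domain equals, or is a subdomain of, any entry in domains."""
    return any(domain == d or domain.endswith("." + d) for d in domains)

def classify(raw_message):
    """Return a filter verdict based on the From header of a raw message."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    if "@" not in addr:
        return "reject: no parsable sender"
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    if in_domain_set(domain, LOOKALIKE_DOMAINS):
        return "quarantine: lookalike domain"
    # A WHO-sounding display name on an untrusted domain is a common lure.
    if BRAND_PATTERN.search(name) and not in_domain_set(domain, TRUSTED_DOMAINS):
        return "quarantine: display name impersonates WHO"
    return "deliver"

# Constructed sample messages (not real mail).
SAMPLES = [
    'From: "WHO Alerts" <alerts@who-safety.org>\nSubject: Latest data\n\nSee attachment.',
    'From: "World Health Organization" <info@health-news.example>\nSubject: Update\n\nClick here.',
    'From: "WHO Media" <media@who.int>\nSubject: Press release\n\nText.',
    'From: Anna <anna@corp.example>\nSubject: Lunch\n\nNoon?',
    'Subject: no sender\n\nText.',
]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(classify(raw))
```

The From header is easy to forge, so this check only catches lookalike domains and display-name tricks; mail that spoofs the exact trusted domain has to be stopped by SPF, DKIM and DMARC enforcement on the mail server.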
