The continuing COVID-19 crisis and nationwide shutdown are the exact circumstances that opportunistic cyber criminals seek to exploit and according to statistics released by Europol recently, they have been increasingly doing so, write Tara Cosgrove and Cian O'Gorman.
Europol have labelled this new wave of cyber criminals coming up with new means of exploiting unsuspecting businesses and individuals during the COVID-19 crisis as 'pandemic profiteering'.
These are unchartered waters for many businesses, who may have had little time to implement remote working protocols or to adequately train and prepare their employees on the dos and don'ts of doing so.
It is more important now than ever for organisations to ensure they have robust cyber security mechanisms in place to protect against such new forms of cyber attacks.
What are some of these new forms of cyber attacks and what defences can firms put in place to ensure they are best protected?
Recent COVID-19 cyber attacks
The underlying motivations for the attacks do not appear to have changed from before nor have the means of doing so. The primary form of attack is reportedly by means of “phishing” emails and messages on social media platforms.
With many employees working from personal devices and home internet networks – and indefinitely for many, perhaps – businesses are more susceptible to cyber attacks than they normally would be.
In some cases employees may be able to access websites/attachments which might normally be blocked on company equipment. What are some of the 'coronavirus themed' forms of cyber attacks? Some examples are as follows:
- Video conferencing attacks: this occurs where unwanted guests intrude on video meetings for malicious purposes. Ensure the services you are using are secure;
- Corona antivirus software scam: Antivirus software company Malwarebytes detected cyber criminals advertising a digital antivirus that purports to protect against the actual COVID-19 virus infecting people across the world;
- 'Coronavirus finder' Scam: Antivirus software company Kaspersky detected this scam, which claimed that users could reveal the number of people infected with COVID-19 near them in exchange for a small fee. This was revealed as a scam to collect credit card information.
- Sale of protective equipment scams: Many scams have been reported involving fake suppliers of hand sanitisers and face masks. One European business transferred €6.6 million to a company in Singapore after being conned by a fraudulent email.
- Internal staff member fraud: Speaking to RTE News, a representative of BH Consulting stated that a scam has emerged whereby you get an email purporting to be from your IT or HR team - saying “here's your company update on what's happening” and when you click on the link it brings you to a fake website and asks you for credentials to log into it.
Further increase in cyber attacks expected
Europol also issued a warning that it is expecting an increase in new, modified cyber frauds to emerge over the next few weeks, with invoice redirect fraud one of the most likely ploys.
The Garda National Economic Crime Bureau also warned people recently to be extremely careful around unsolicited emails, having intervened in two cases and recovered €50,000 for one company and €30,000 for another.
This should act as a very stark warning to businesses of and spur them into implementing protective measures, if they haven’t done so already.
Protective measures
All businesses, regardless of size or number of employees, should ensure they have implemented protective measures to secure their IT infrastructure and ensure their employees are adhering to safe remote-working protocols. Some of the steps which can be taken to prevent a cyber breach are as follows:
- Implementation of secure IT systems – Some of the systems which could be implemented include: a network perimeter defence; boundary firewalls and internet gateways; patch management; white listing and execution control; security monitoring; malware protection; a password policy and a secure configuration to restrict system functionality to the minimum needed for business functionality;
- Implementation of a cyber attack quick response policy – Your firm should implement a policy on how employees deal with a suspected cyber breach and what to do at the various stages e.g. 1./ Initial internal response mechanism 2./ Reporting the crime mechanism 3./ Reporting the threat to any affected third parties mechanism 4./ Assessment and reporting of any data breach 5./ Carrying out a full assessment of the breach.
- User training - Ensure both your IT team and users are fully trained on the relevant cyber security mechanisms. Ensure your staff users are trained adequately on remote working security protocols and are kept regularly updated;
- Insurance - Check whether you are insured for cyber-attacks under your relevant insurance policies (PI etc.) and consider purchasing cyber insurance cover in the event you are not covered.
Some basic protections which can also be implemented are:
- Ensure staff minimise the overlap of business and personal in relation to use of both hardware and software;
- If staff are forced to temporarily re-purpose a personal device for work, ensure that is its sole purpose for the duration;
- Remind all staff not to click on links/open attachments they are not expecting, even from internal contacts;
- Keep all software up to date including internet browsers, anti-virus software, email software;
- If in any doubt, call to verify the identify and validity of the attachment/link received;
- Change passwords regularly and ensure they are lengthy and complex;
- Implement multi-factor authentication where possible;
- Always call to verify bank details.
Conclusion
The combination of an increased volume and sophistication in cyber attacks, with large volumes of staff working remotely, poses a much heightened risk to businesses’ cyber security.
Businesses should carry out an analysis of the cyber defences they have in place and regularly implement upgrades and provide training to staff.
Failure to implement adequate cyber security infrastructure could lead to financial, reputational and/or loss of personal data, which could have long lasting detrimental effects. We are closely monitoring developments and will continue to issue updates to keep you informed.
Please note that this article is for information purposes only and specific legal advice should also be sought depending on your individual situation. Please contact Tara Cosgrove: t.cosgrove@beale-law.com or Cian O’Gorman: c.ogorman@beale-law.com if you have any specific query.
Beale & Co provides specialist legal advice to the construction and insurance sectors. With specialist lawyers spread across offices in London, Bristol, Dublin and Dubai, the firm has a long track record in successfully acting for companies all over the world, managing complex international arbitration; professional indemnity disputes; coverage; claims handling; corporate and commercial and contracts and projects advisory matters. www.beale-law.com