Does your organization have a solid plan in place to prevent and respond to cyberattacks? If not—or if you haven’t examined your plan in a while—now is the right time to make it a priority.
According to both the FBI and Interpol, cyberattacks are on the rise. Since the start of the COVID-19 pandemic, the FBI has received between 3,000 and 4,000 cybersecurity complaints per day, three to four times the previous average of around 1,000 daily. Additionally, on the international side, Interpol has reported an “alarming rate of cyberattacks” during the pandemic. The agency also revealed that these attacks have shifted from individuals and smaller businesses toward major corporations, governments, and critical infrastructure.
There are also a few additional factors at play that make this issue even more critical:
- Logistics, transportation, and supply chain vendors have been particularly targeted, according to reports from Microsoft and the Center for Strategic & International Studies (CSIS).
- Supply chains are especially vulnerable since, by their nature, they involve several links, each of which could offer a potential entry point for a hacker.
- There’s a history of hackers leveraging smaller players within a supply chain to get to bigger companies. Consider the 2013 hack of the retailer Target. Cybercriminals infiltrated Target’s HVAC contractor to break into the retailer’s point of sale system and steal credit card details belonging to millions of customers.
- The pandemic required many companies to establish work-from-home policies—and alter their IT systems to give employees remote access. If these changes weren’t deployed with care, they could represent a security risk.
- Finally, the sheer confusion and fear around the pandemic have created ripe hunting grounds for hackers looking to leverage any available weaknesses.
The bottom line?
If creating a cyberattack contingency plan or updating your existing one is something you’ve let slide amid all of the chaos of the last year, move it back to the top of your list. In this article, we’ll cover some of the more common hacks and scams that have surfaced in the last year so you know what to look for. We’ll also offer some recommendations for next steps to secure your data and get your organization back online in case of an attack.
Trending Cyberattacks: What Do They Look Like?
Here’s the bad news: Cybercriminals have gotten extremely clever at leveraging the upheaval and confusion created by the COVID-19 pandemic to get. However, the good news is that many (but not all!) of these scams follow a pattern that’s easy to spot once you know what to expect.
The first scam is a new spin on an old gambit: phishing. In this type of scheme, a cybercriminal poses as a representative from a reputable organization in order to gather sensitive data. For example, one of your team members might get a phone call out of the blue from someone claiming to work for tech support at Microsoft and asking for login credentials.
The COVID-19 pandemic has been ripe for this kind of scheme. For example, during the fast rollout of the Paycheck Protection Program (PPP), a cybercriminal might have sent out an email that appeared to be from your bank, asking you to “click here” to verify some final information to secure your PPP loan, such as your online banking login information or maybe your ATM PIN. In any other circumstance, this kind of request probably would have thrown up a red flag. Most banks either 1) wouldn’t request this type of information or 2) would ask you to use their secure messaging system through their online portal or app.
However, during the rapid PPP rollout, many banks were scrambling to put the infrastructure in place to accommodate these loans. As a result, this kind of communication could, in a strange way, make sense. Additionally, many people were desperate to secure PPP funding, so they would be more inclined to override their judgment and complete the request, unwittingly revealing sensitive information—the ultimate goal of a phishing scam.
The second scam is also a familiar one—malware and ransomware—although hackers have gotten more clever at deploying these pieces of code. In a malware or ransomware attack, hackers gain access to an organization’s systems and install a piece of malicious software. This software can do all kinds of things, including stealing data or simply wreaking havoc. In the case of ransomware, hackers use their malicious code to take control of an organization’s systems, which they’ll only unlock upon receiving a significant payment. According to Interpol, these schemes make up about 36% of cyberthreats.
When it comes to malware and ransomware, the main challenge the hacker has to hurdle is how to get the program onto the machine they’re targeting. Some cybercriminals are still going the traditional route by sending malware as email attachments. Once these attachments are downloaded and launched, they install malicious software behind the scenes. As you might expect by now, hackers are using COVID-19-related topics to hoodwink people. Microsoft recently shared an example that looked like a download related to “Your COVID-19 Relief Funds payment.” However, embedded in that download was a clever piece of malware.
Cybercriminals have gotten even more devious in their methods by using what’s called the “software supply chain” to deploy their malicious programs. By inserting their malware in things like software updates, they’ve managed to infiltrate many unsuspecting companies. In fact, Russian hackers penetrated the systems of a company called SolarWinds, a government vendor, and inserted malware into their software update, which was then downloaded by 18,000 private and government users. This attack compromised several systems belonging to the U.S. State Department, the Department of Homeland Security, and parts of the Pentagon. These sophisticated attacks, which are relatively new on the horizon, are harder to anticipate and prevent. Additionally, they demonstrate how one vendor within a supply chain can compromise the other links fairly quickly.
So now that you know what some of these threats might look like, what are the next steps for your organization?
Preventing a Cyberattack—and Responding Quickly in the Face of One
1. Plan & Prepare: Don’t ever assume a cyberattack won’t happen to you.
Although few things are certain in the ever-changing world of tech, one thing is for sure: It would be a mistake to believe that your organization is too large, too small, too under-the-radar, etc. to fall prey to some kind of breach. Hackers find opportunity in weaknesses, and failing to plan certainly qualifies. At a minimum, your organization should have a plan in place to prevent breaches and minimize the impact in the event one occurs. You should also have a continuity plan in place for the worst-case scenario, so that you’re not stuck trying to formulate one in the middle of a real-life crisis.
2. Prevent: Educate your teams to avoid potential breaches.
As you formulate your plan, make sure you include some resources for educating your employees. Once they know what a phishing scam or a malware scam might look like, they can help you prevent a breach before it happens. Set clear standards for credential hygiene, including requiring both strong passwords and unique passwords for different resources. Additionally, be crystal clear about the circumstances under which they should reveal their passwords to anyone else. Ideally, this would be a “never” situation—even when it comes to members of your IT team. Spelling this out clearly for everyone can prevent one of your team members from accidentally sharing his or her password over the phone in a good-faith attempt to “assist” someone posing as your IT staff.
3. Get Proactive: Look outside your organization to increase your security.
Because every organization’s setup will be a little bit different, you’ll need to do your own assessments to uncover potential weaknesses. That said, you might consider hiring an outside tech security firm to do a threat assessment. Investing in an outside contractor will root out any blind spots that you and your IT team may not have considered.
Additionally, as the SolarWinds breach makes clear, it’s critical to look at anyone who partners with your organization. When it comes to your supply chain, you’re only as strong as your weakest link. Audit anyone who has access to your systems or data, and make sure that they’re taking cyber threats as seriously as you are.
One more note: In case of a breach, make sure that you’ve set standards with your supply chain partners in terms of how quickly you expect to be notified. Your legal team can offer you recommendations appropriate for your industry. Not only is this good business practice, but in light of legislation like the California Consumer Privacy Act, you may be liable for damages in case of a breach, even if there was no actual harm caused. The sooner you know an incident has occurred, the faster you can work to minimize the damage.
4. Prioritize: Pick someone within your organization to champion this cause.
Every organizational priority needs its own champion. In some organizations, cybersecurity falls in the lap of the Chief Information Officer or the Director of Information Technology. In other organizations, the line of responsibility isn’t as clear. No matter which department you want to handle this area, designate one person to be responsible above all for handling this piece. By doing so, you’ll give that person the clarity and the authority he or she needs to secure your company’s data and systems—and to be ready to guide the company through any threats that arise.
It Pays to Be Prepared
While it’s possible that your organization may never fall prey to a cyberattack—either through luck or excellent preparation—having a plan in place will make all the difference in terms of how quickly you recover. Just like any other potential disaster, a contingency plan can mean the difference between getting back to business in a matter of days versus spending weeks unraveling a mess. By recognizing cyberattacks as a potential rising threat, you’ll have the opportunity to secure your business and its data now and into the future.