Change and disruption are a cybercriminal’s favorite words, and nothing has been more disruptive to daily life than the COVID-19 pandemic. The virus turned entire industries upside down overnight. Meanwhile, cybercriminals immediately went to work crafting COVID-themed phishing attacks targeting businesses and individuals.
During the Qualia-sponsored ALTA ONE session “Aligning People, Processes, and Technology to Prevent Cyber Attacks,” Tom Cronkright, CEO of CertifID and Sun Title Agency, discussed the rise of cyberattacks during COVID-19 and how businesses can protect themselves.
Why the pandemic resulted in an uptick in successful cyberattacks
“This year has been disruptive. We’ve experienced a number of changes and we’ve had to adopt new behaviors. This overexposure to change has reduced our guard and made us more vulnerable [to cyberattacks],” Cronkright explained.
During the pandemic, businesses migrated to remote work environments and practiced social distancing. “As we distanced ourselves from the different parties in the transaction, it created friction points for cybersecurity,” Cronkright noted.
One of the major points of friction was communication with internal and external partners who were now in remote locations. Daily communication shifted to email and meetings took place over video conferencing platforms like Zoom. These changes were opportunities for cybercriminals to intercept with phishing attempts.
“Brand impersonation makes up 66% of phishing activity,” Cronkright noted. This includes trusted brands such as Amazon, Apple, Microsoft, and others. Cronkright noted that Zoom scams, in particular, are on the rise during COVID-19. An individual may receive an email prompting them to download an updated version of the Zoom application which is actually a malicious code.
Zoom is not the only phishing scam on the rise. Cronkright noted that since shelter in place began, a new phishing site launches every 20 seconds. These include phishing attempts for things that employees and individuals are actively searching for during the pandemic, including employee benefits, PPP updates, and unemployment assistance.
Everything starts with phishing
For cybercriminals, phishing is the most common form of attack. “It’s a well-crafted email that looks like it’s coming from a trusted source. It could look like it’s coming from a real estate agent, one of your employees, or you,” Cronkright said. “The goal is to harvest your account credentials and specifically your email credentials.”
From there, the cybercriminal gathers intel with the goal of intercepting future communications. Cronkright noted that one-third of all cybercriminals will sit in an email account for more than a week gathering information.
Aligning people, processes and technology to lower security risks
There is no silver bullet to eliminate wire fraud; however, an integrated approach that considers people, processes, and technology can put businesses in a position of strength to lower their risk.
Your people: the first line of defense
Employees can be the first line of defense or the weakest link in the chain when it comes to preventing security incidents. The difference is an empowered workforce. Cronkright detailed how businesses should engage their employees to make security practices and protocols a “living and breathing organism within the organization.”
“Your culture should be one of curiosity and skepticism,” Cronkright said. Your entire staff should be skeptical of every piece of communication coming into the organization. This begins with transparency and open communication. Employees should be aware of fraud incidents that have impacted the company and everyone should report on and socialize attempted scams.
Cronkright also stressed the importance of continual training and giving employees the bandwidth to actually defend against these threats. Employees should have the time to ask questions and raise their hand if they don’t understand a security procedure.
Process: the net below your people
Process empowers employees. Your processes are the systems put in place to guide employees and ensure the highest state of security. A process should include protocols for employees to confirm that they are working under the following conditions for every file:
- The correct parties are involved in a transaction
- Communication and document exchanges are secure and trusted
- The information is reliable and correct (e.g. payoffs match expected numbers)
- Money is transferred safely (i.e. clear and effective wire policies)
Technology: a double-edged sword
“By the end of this year, we will have absorbed 3 years of technology,” Cronkright said of the flood of technology advancements spurred by COVID-19 and remote operations. Businesses must consider hardware, software, and overall technology infrastructure, which now extends to work-from-home environments.
While technology has the potential to create safer and more consistent transactions, it also opens up more opportunities for cybercriminals. “Finding the time or additional resources to look into technology solutions is going to pay off,” Cronkright said.
Regardless of the level of investment, Cronkright recommended 6 key areas businesses should optimize right away as “low hanging fruit”.
6 areas to optimize your technology right now:
- Hardware. Make sure you’ve optimized routers, firewalls, and intrusion detection solutions so that cybercriminals can not “open the front door of your network to have their way with your data.”
- Data protection and redundancy. Ensure data is encrypted, segmented, and partially offsite. Regular and complete backups of the network are also key.
- Email monitoring. Consider investing in services to monitor email traffic and look for malicious and suspicious emails. Your employees will be hit with fewer instances that could result in a successful phishing attack.
- Software updates. Make sure all of your software systems are up-to-date at all times.
- Virus detection. Invest in virus detection software to spot problems quickly.
- Access control, VPNs, and 2-factor authentication. While employees are working from home, they should be using a separate network than their children for work. Within the software system, access controls should be turned on along with 2-factor authentication to ensure only authorized users are able to access information and systems.
Overall, Cronkright urged listeners to reduce their “attack surface.” In other words, businesses should clean up hardware and software issues right away to reduce opportunities for cybercriminals. “When you start putting in layers in your security, the point in the ocean where they can find you gets smaller and smaller.”
To learn how Qualia can help your business meet the highest security standards, click below to read our security whitepaper.