Cyberthreats continue to evolve and companies must be prepared
COVID-19 demonstrates how quickly risks can change
INSIGHT ARTICLE |
More companies than ever are conﬁdent in their organizations’ current security measures to safeguard sensitive customer data, despite the consistent rise in data breaches and other cyber incidents. Cyberattacks evolve in an attempt to expose weaknesses, and that has never been more evident than this year during the COVID-19 pandemic. Middle market companies must be careful not to allow over conﬁdence in existing controls to create vulnerabilities to evolving threats.
Early 2020 is a prime example of how quickly threats can change and take advantage of vulnerabilities. As COVID-19 spread across the world and became a global pandemic, cybercriminals deployed persistent campaigns that capitalized on the uncertainty and fear related to the coronavirus and, in some cases, reduced cybersecurity measures because of the surge in employees working from home.
The RSM MMBI survey found that 95% of middle market executives claim that they are conﬁdent in their current security stance, up 2% from last year’s survey. However, the highest percentage of respondents in the history of the survey reported a data breach - 18% compared to 15% last year and 5% six years ago. Threats can pivot quickly, and middle market protective controls sometimes fail to keep up.
“Unfortunately, during this historical pandemic, cyber thieves are preying on organizations,” commented Ken Stasiak, RSM principal. “As companies address the new normal, we may see a spike in security breaches over the next several months.”
Lawmakers have warned that the coronavirus pandemic has made the United States more vulnerable than ever to a serious cyberattack1 due to the increased attention paid to the crisis. These vulnerabilities extend to the middle market, where protections are simply not able to reach the level of government organizations or large international businesses. Threat actors are seeking attractive targets, and the reality is that nearly every company is at risk.
In the response to the COVID-19 pandemic, resources have shifted across the middle market, potentially taking attention away from security to focus on sustainability. In addition, employees using home networks can break the chain of security controls that have been developed within internal networks.
Phishing attempts represent the most prevalent method of attack during the COVID-19 pandemic. Emails are designed to look like they have guidance or advice from a company resource, or a legitimate organization, such as the World Health Organization or the Centers for Disease Control and Prevention. These messages attempt to coax recipients to click on a link or an attachment that launches malware to steal IDs and passwords that could lead to stolen company data.
Criminals have become very sophisticated, developing fake charities, and registering websites that seem closely aligned with COVID-19 news, relief or treatment. Their business is deception, and unfortunately, people will succumb to the tactics, especially in a time of crisis.
"Attackers will always try to utilize scenarios that will make it most likely that targets will interact with their malicious emails, and leveraging disasters has unfortunately been one of their preferred methods,” said Daimon Geopfert, Principal, RSM US LLP. “When people are stressed and afraid, they are not likely to use critical thinking, and this leads to a signiﬁcantly increased failure rate of basic social engineering training where someone would ask ‘do I know the sender?’ or ‘was I expecting this message?’”
These phishing scams are also leading to ransomware attacks, as attackers gain control of a company’s network or steal company or customer records, and demand payment for their return.
Middle market companies are largely conﬁdent in their existing controls, likely because of increases in cyber insurance policies, training and dedicated resources to manage cybersecurity. But disaster responses are a unique scenario and often result in a new world of threats and demands on potentially strained resources. Even with a sharper focus on cybersecurity protections, it’s difficult to stay ahead of threat actors.
The COVID-19 pandemic has caused several cybersecurity challenges, but it emphasizes how quickly criminals can strike and adjust strategies to take advantage of potential vulnerabilities. Middle market companies must be ready for any scenario by proactively communicating the risks, emphasizing where predators may be lurking, and adjusting security policies as necessary — such as in an extended remote working scenario.
“One of the biggest cybersecurity challenges companies face is the cultural shift or divide from a remote workforce,” said Stasiak. “The effects of a divided workforce, now only connected via technology, allows potential attacks to gain access to company resources.”
1 “The Cybersecurity 202: Coronavirus pandemic makes U.S. more vulnerable to serious cyberattack, lawmakers warn,” The Washington Post, accessed March 24, 2020.
You may also be interested in
Ransomware has always represented a concern for middle market businesses, but the threat has escalated in recent years.
While the cloud can provide significant benefits, middle market companies must be careful when selecting a cloud provider.
Middle market companies have increasingly become the primary target for cybercriminals, with data security incidents rising each year.