This is a note of awareness and precaution concerning elevated risks of cyberattack during the COVID-19 global pandemic

We all must add cybersecurity to the list of areas requiring our vigilance during the COVID-19 pandemic.  Not only are cybercriminals using COVID-19 themed phishing schemes to trick users to click on malicious links and attachments, but telework is creating a new, expansive attack vector.  If your staff is working from home, the security of your network now depends on the trustworthiness of their home computers, devices and the home network. 

It is also important to recognize that, according to global health organizations and some national government advisories, the pandemic could last 18 months.  Accordingly, telework could be the new normal.  Additionally, as cyber threat intelligence reports point to collaboration between cybercriminals and nation-states, we can anticipate that the global economic downturn will lead to escalating cyberattacks on advanced economies.  When the former Director of the US National Security Agency (NSA) referred in 2012 to cyberattacks as “the greatest transfer of wealth in history”, he was describing a cyber landscape far less sophisticated and aggressive than exists presently.  And, COVID-19 will be a factor that will make cyberattacks worsen in the near-term. 

So what can you do to protect your business?  The following list is a quick reference of broad areas to look into – you should assemble a team to explore the risks more comprehensively: 

  • Train your staff and implement a regular “heads up” notice of recent trends (e.g., awareness of phishing email profiles)
  • Minimize Remote Desktop Protocol (RDP) to only those having a clear need (RDP is a targeted protocol)
  • Implement two-factor authentication (especially important for teleworkers)
  • Encrypt your PII (Personally Identifiable Information)
  • Plan and design ways to secure and monitor risks to teleworking staff
  • Join an information sharing community, such as an ISAO:  Information Sharing and Analysis Organization (e.g., SMBiSAO)
  • Preparedness:  have and rehearse an Incident Response Plan, and establish business ties with your selected team: cyberlaw breach coach/incident response vendor
  • Cyber Insurance:  this is critical!  The most prevalent ransomware today is Ryuk; and the average ransom demand by Ryuk attackers is $700,000!  

Remember, you can NEVER have perfect security and a determined attacker will always find a way in.  However, since that threat cannot realistically be prevented, that risk should be addressed through insurance.  Instead, rather than worrying about EVERY threat, implement “reasonable security” and focus on 1) compliance (e.g., GDPR) and 2) the most risky and most likely threats.  Moreover, since cybercriminals have many potential victims, simply avoiding becoming the “low-hanging fruit” du jour is a realistic approach.  In other words, do the things that are reasonable and will likely cause cyberattackers to move on to find an easier target. 

eosedge Legal is available to help you and our eosCyber Alliance affords you the full range of cyber capability and services, including both Prevention and Response capabilities. eosedge Legal regularly performs breach coaching services and is an approved “Breach Coach” with several insurance carriers. 

Please stay well, and keep in mind that the sentiment of “we’re all in this together” also applies to cyber risk and our economic vitality from cyber-borne threats.     

 

Douglas M. DePeppe | Cyberlaw Attorney | LLM, JD

eosedge Legal | A Cyberlaw and Services Firm

90 South Cascade Avenue, Suite 1100

Colorado Springs, CO 80903
Direct 719.357.8025 | Office 719.386.3056 | c 703.283.2349
Skype ID: doug.depeppe | www.eosedgelegal.com
Conferencing: https://join.me/cybercloak
My Homepage www.cyberjurist.net

Contributing Advisors