The pandemic has been a heyday for cybercriminals, large underground criminal organizations, and hackers. The sudden adjustment to a work-from-home (WFH) workforce included both technological disruption and opportunities for confusion that made companies and their employees more vulnerable to attack.
Companies weren’t always aware of how to properly upgrade cybersecurity policies to reflect their new network, which included multiple home office locations for the first time.
During the midst of the pandemic, 20% of surveyed organizations said they had suffered a security breach that originated with a remote employee device.
Attacks of all types have significantly risen during the pandemic, so while COVID may be getting under control, the “cyber pandemic” is still raging and putting small, medium, and large businesses at more risk.
Some of the startling statistics that illustrate just how bad cyberattacks have become since the pandemic began are:
- In 2020, there was a 485% increase in ransomware attacks.
- There was a 630% increase in attacks on cloud accounts last year.
- In the past two years, 83% of surveyed organizations have experienced a firmware attack.
Most companies have now gotten a handle on their business processes, cloud-based environments, and adjustments to a hybrid working environment and are slowly moving back into a “new normal.” The focus now needs to be on combatting the rise in cyberattacks and ensuring your company isn’t taken down by ransomware or a cloud account takeover.
What Cybersecurity Areas Should You Address?
Ransomware
If you look at any data breach or cyber threat report, you’ll find ransomware listed as one of the biggest threats to businesses.
The cost to remediate ransomware has been rising rapidly, along with the volume of attacks. Over the last 12 months, the cost to remediate a ransomware attack has grown from US$761,106 (CA$970,372) in 2020 to US$1.85 million (CA$1.27 million) so far in 2021.
Ransomware has grown so costly for several reasons, including:
- The fact that a majority of companies attacked pay the ransom
- It’s been democratized by criminal groups selling Ransomware as a Service (RaaS)
- It’s a big money-maker for individual hackers as well as large state-sponsored criminal groups
You should take a multi-pronged strategy when protecting against a devastating ransomware incident. This includes:
- A reliable backup strategy with rapid data recovery
- Strong phishing protections like email and DNS filtering
- Disaster recovery planning & incident response drills
- Best practices (many of which you can get with managed IT services), such as patch management, managed antivirus, and employee security training
Cloud Account Security
Cloud accounts have come under new scrutiny by cybercriminals. Companies are now keeping most of their data in the cloud and that’s also where many of their software-powered processes are located as well.
So, attackers are now increasingly targeting cloud accounts with “cloud jacking,” which is the takeover of a company cloud account by hacking/stealing/phishing a user credential.
Once an attacker is in a cloud platform, they can do serious damage. Imagine if a hacker breaches your online accounting software. They would have access to all your banking details and potentially perform wire transfers.
A breach of a Google Workspace or Microsoft 365 account can allow a hacker to send phishing emails from your company domain, create or remove users, access cloud storage, and more.
Tips for strong cloud account security include:
- Using multi-factor authentication (MFA) on all accounts
- Enforcing strong password policies
- Having a cloud IT professional configure your cloud account security settings
- Using a cloud access management application that acts as a gatekeeper to your cloud accounts
Remote Team Security
Many companies aren’t going back to a completely in-office staff. Companies are adopting hybrid models where workers have the flexibility of working from home or office. This structure can be secure, but it requires specific changes to your IT security plan to accommodate a work-from-home and hybrid working team.
This includes security features such as:
- Strong access management for network connections
- Use of a virtual private network (VPN) application
- Thoughtful data management and cloud use policies, so you don’t risk losing control of your data security
- Managed IT services being put in place for all work PCs, whether they’re at home or office
Firmware/Hardware Security
Firmware is the software that controls how your PC or other hardware operates. This includes how it boots the operating system and which users have administrative rights.
Due to the potential for an entire system takeover and the fact that firmware security has historically been neglected by PC manufacturers, firmware attacks have been on the rise. They’ve increased 5-fold in the last four years.
Here are some of the things you can do to improve your firmware security and reduce the risk of this type of attack:
- Look for firmware and hardware security being advertised in new hardware that you purchase.
- Ensure firmware is being updated regularly on all devices.
- Conduct ongoing employee security awareness training.
Get an IT Security Assessment to Identify Potential Areas of Concern
Strengthening your cybersecurity is easier if you have a roadmap. Data First Solutions can provide your business with an IT security assessment that identifies areas of concern and how to address them.
Contact us today to book a free assessment. Call 416-412-0576 or book your assessment online.
