COVID-19 Scammers Step Up Attacks On Quarantined Workers
A recent warning from the FBI shows that the criminal underground economy is booming while scammers use ingenious ways to take advantage of the world’s misery as over 180 countries battle the coronavirus pandemic.
The FBI report goes on to warn of fake emails, phishing attacks, as well as counterfeit treatments and equipment for sale, all directed to individuals and businesses.
These attacks all have one thing in common, email. SoS Daily News Blog reports that a recent study by IRONSCALES shows that 90% of all successful cyberattacks originate with phishing emails.
So, cybercriminals have taken a successful tactic, email, and effectively put it on steroids by injecting Coronavirus scare tactics and clickbait into their attacks.
Here is the problem: we are in a State of Emergency, and most of us are in lockdown, working from home. In many cases, employees are using home computers to access company networks. It is a known fact that most home computers and network equipment are incorrectly configured, not always updated, and have poor or no security.
Here is the danger: one errant click by a well-meaning employee while connected to the company network can cause havoc by introducing malware, including ransomware, at a time when businesses can ill-afford another catastrophic event.
Here are the steps to take to mitigate the danger:
- Educate your employees so they know NEVER to click on any link or open attachments in unsolicited emails.
- Insist that all employees keep their home PC Operating Systems, third-party software, and antivirus programs updated.
- Windows 7 (or below) computers should not be allowed access to the company network.
- Family members should not use the same computer employees use for work. If this is not possible, then each family member must have an individual non-privileged user account. Employees should also have a login password for their user account as added protection.
- Always use a VPN to remote into the company network.
- Employ multi-factor authentication for network and web account access wherever possible.
- Insist that home networking equipment uses the latest protocols and that default passwords have been changed.
- Save company documents to a defined area on the company’s server and not on the employee’s home computer.
- Refrain from printing confidential documents and use a micro-shredder to destroy printed material after use.
- If your company does not have an IT department, you should enlist the help of a Managed Services Provider (MSP) to ensure things are set up securely, your network is supported, and helpdesk services are in place.
- Companies should have a written Disaster Recovery Plan and a robust Business Continuity Disaster Recovery (BCDR) system in place to ensure networks can be quickly restored in the event of a cyber-attack.
- Company Executives must resist the urge to cut IT expenses during the crisis as IT support will be needed more than ever at this time.
A special note on ransomware
Ransomware is on the rise and more dangerous than ever. Most companies are not operating 100%, and a ransomware attack can be a business-ending event. Indeed, a ransomware attack on a healthcare facility such as a hospital can have a deadly effect, costing many lives.
The best defense against ransomware is a Hybrid-cloud Business Continuity solution. This type of backup system gives you:
- An image-based solution for faster and more complete recoveries.
- Instant onsite fail-over to quickly restore server functionality from a local onsite device.
- Cloud image backups to automatically save system images and data offsite and, if necessary, lets you run your network entirely from the cloud.
- Bare metal restore capability so you can restore systems on different hardware.
- Backup verification, ensuring that your backups are always viable and available.
Take action now
First: if you do not have a written Disaster Recovery Plan, then download our template right now. Our Disaster Recovery Template is in Microsoft Excel and contains tabs covering critical areas. It is not password-protected, so you can revise and add to it as needed. Click the image below to download your copy now.
Unlike some of our competitors, the template has no registration requirements. During this crisis, we’re not interested in adding to our email list; we just want you to download and use it, no strings attached.
Second: call us at (845) 362-9675 or email us at [email protected] to request a demo of the most awesome Business Continuity Disaster Recovery (BCDR) solution in operation today. Our solution will keep your business up and running even if your servers are damaged, infected with ransomware, or are destroyed.
XSolutions is an Elite Partner of Datto, the world leader in Hybrid-Cloud Business Continuity solutions whose systems protect 460+ Petabytes of data with over 1400+ employees and 9 offices around the globe. Call (845) 362-9675 and let us introduce you to the ultimate defense against data loss—whatever the cause. Backup & Disaster Recovery | Business Continuity | Data Risk Assessment