With the rise of telecommuting due to the COVID-19 pandemic, there has been an increase in phishing campaigns and other email attacks. Simultaneously, some shady workers might see ways to enrich themselves from the wealth of data that is now accessible without the same type of supervision.
Even before the pandemic, the 2020 Verizon Data Breach Investigations Report found that insider threat cases now make up about 30 percent of breaches and other data related incidents. That trend is expected to continue into 2021, according to Steve Durbin, the managing director of the non-profit Information Security Forum.
Durbin has been quoted in the media as saying, “The insider threat is one of the greatest drivers of security risks that organizations face as a malicious insider utilizes credentials to gain access to a given organization’s critical assets. Many organizations are challenged to detect internal nefarious acts, often due to limited access controls and the ability to detect unusual activity once someone is already inside their network. The threat from malicious insider activity is an increasing concern, especially for financial institutions, and will continue to be so in 2021.”
Small business owners need to understand the importance of data security. Even with outsourced IT services, it’s useful to know the technology threats businesses face. Some of the most prevalent threats are:
Email phishing has always been the most common entry point for attacks. Offices exchange hundreds of emails and electronic messages daily. Generally speaking, attackers like to choose the end of the day, when employees are tired and less mentally sharp, to bombard them with fake emails and links. Just one employee clicking on a malicious link can give attackers access to the whole company’s network.
To give the impression of authenticity, cybercriminals may falsify sender information in emails to provide the belief that the data comes from a reliable source, e.g., World Health Organization (WHO) or people with “Dr.” in their title. In some instances, the perpetrator sends a phishing email containing a link to a fake login page. Other emails can pretend to come from a company’s HR department and recommend that the employee open the attachment. For example, in March 2020, United Kingdom’s National Cyber Security Centre (NCSC) discovered various email messages that deploy the “Agent Tesla” keylogger malware. The phishing email is meant to look like it came from Dr. Tedros Adhanom Ghebreyesus, Director-General of the World Health Organization (WHO).
Like phishing, PDF scams aim to induce the recipient to open an attachment and unknowingly download malware like Emotet and TrickBot. Generally, an email is sent to the victim with a message stating that there has been an update in the company’s security policy or that an account statement is attached. When the PDF is opened, malware or ransomware is downloaded on the computer.
In credential stuffing attacks, hackers steal user access info through login credentials. These attacks are common when the same login credentials are used for different websites and accounts.
Database exposure is a security breach that exposes company information to a hack. Via social engineering, hackers steal login credentials or use malware to access data or a company’s network. Most companies store customer and employee information, financial details, or identity records, including Social Security numbers, on their database.
Businesses recovering from the economic downturn caused by the COVID pandemic can ill afford to suffer devastating breaches in 2021 and beyond.
Phishing, PDF Scam, Credential Stuffing and Database Exposure