Northdoor comment:
As we see a rise in ransomware attacks during COVID-19, companies must ensure that they are prepared for attack during these unprecedented times
The most recent ransomware attack saw a medical-research institution working on a cure for COVID-19 attacked, which resulted in a $1.14m payment.
Times of uncertainty and change have always brought out the best and worst in populations. COVID-19 is proving no different. As communities come together and levels of support and appreciation for critical workers rise, we also see a worrying rise in attacks by cybercriminals.
The ransomware attack, a devastating tool during the best of times, has become even more effective during COVID-19. As a result, we see a significant increase in attacks. Specialist insurer Beazley found that there had been a 25% spike in ransomware attacks during the first quarter of 2020 compared to Q4 in 2019.
There is also a disturbing trend in criminals targeting critical organisations during the pandemic. Public sector organisations (Redcar and Cleveland Council were attacked with crucial systems offline for weeks) and medical facilities have all been targeted. Most recently, a criminal gang targeted the University of California San Francisco, a leading medical-research institution working on a cure for COVID-19, which was forced to pay a $1.14m ransom.
Although the staff tried to stop the spread of the malware by unplugging computers, the damage had already been done. Against the advice of law-enforcement agencies, negotiations were started to allow the institution to get back online and work on the cure. The criminal gang has also appeared to have attacked two other universities similarly in the past three months.
The growing threat of attacks and how to protect your business
The criminals are using increasingly sophisticated methods to gain access to systems. Some spend months inside networks identifying the most vulnerable areas and where the most valuable data resides before moving. With more attacks and more organisations paying ransoms, 2020 is likely to see an increase in the number of companies being targeted. However, according to AJ Thompson, CCO at Northdoor plc, companies should not lie down and accept that criminals will be successful.
“The past few months have seen an increase in the amount and focus of criminal gangs using ransomware. They are taking advantage of the situation of many companies and their employees working in new ways, often outside the corporate network. As we start to see the light at the end of the tunnel will COVID-19, that does not mean the threat will disappear.
“In all likelihood, criminals, flushed with their success during the first half of 2020, will be more active than ever, targeting many companies and sectors. However, this is not to say that we are helpless in the face of such attacks. The key is proactivity; if companies are proactive in their defences, then they are in a much better position to fight off or, even better, detect a threat before it becomes a problem, then so much better. Sitting passively beneath your defences is no longer effective, as cybercriminals are constantly evolving their methods of gaining entry.
“Ransomware attacks during COVID-19 have been particularly effective because of the new ways of working that many companies have had to implement. Employees work outside of the corporate environment, often for the first time, sometimes opening up old laptops and computers that are no longer supported or that have not been patched for months or possibly years.
‘Alongside proactive defences, companies need to effectively communicate and educate employees on what threats look like and how to work responsibly outside the corporate network. Employees remain the main vulnerability for most companies, so closing this breach is an effective way of shutting the criminals out.
“Although the threat has increased, there are plenty of methods that companies can implement to block the criminals’ entry, to identify the threat before it takes effect and to ensure that employees are aware of the methods the criminals use to gain access. With these in place companies are in a much stronger and proactive position,” concluded Thompson.