Cyber-demic Update
Michael Bruemmer
Global Data Breach Resolution @ Experian | CIPP/US and Fraud Expert
March 2021
A monthly digest on the impact of COVID-19 in the cybersecurity space in particular to the vaccine rollout, remote working and rise of new threat vectors.
---------------------------------------------------------------------------------------------------------------
Preparedness Stagnation and Setbacks
In our 2020 annual data breach corporate preparedness study (report out later this month) conducted with the Ponemon Institute, we saw many areas decline in improvement or stay the same…The pandemic hurt efforts to focus and improve, which proved really harmful…Less than half (48%) of organizations have added plans to respond to data breaches created by a remote workforce…Only 9% of respondents felt very confident that their organization was prepared for a ransomware attack…Including plans to handle an international breach went down by 17%...While 60% of orgs say attacks like spear phishing and ransomware attacks went up and almost half said breaches that occurred were due to a remote workforce...One startling stat: only 46% of board of directors and C-Suite executives requested a briefing on possible security risks caused by a remote workforce…Wow…Read more about the perils of working from home and security risks like using RDP in my dark web expert colleague Brian Stack’s post.
New hacker strategy
Hackers were hot on ransomware but now they are getting more bang for their buck…They are targeting enterprise systems like payroll, HR management, email automation, payment processing, etc., which can reach hundreds and thousands of companies like the recent Microsoft, file transfer system Accellion, SITA, and a video camera start-up Verkada hacks…We’ve seen an uptick this year so far in data breach clients due to third-party attacks…Companies need to shore up on their security software and plan for things like network outages, being a Texan I felt the pain of the recent infrastructure failure, which could also happen due to a cyberattack…I just read today that Chinese state hackers are targeting Linux systems with malware, according to security researchers at Intezer.
Show me the money
Another effect of the pandemic is that cyber insurance rates are going up...According to reports, the increase is driven by a surge in ransomware claims and policyholders can expect 20-50% increases…Our preparedness study shows that almost half of respondents have insurance and 39% have changed the amount of coverage since COVID-19…Watch out for fake donation seekers leveraging the migrant children at the border…Scams asking to send money to help the children are already hitting emails and texts.