If you think phishing emails will soon be a thing of the past, think again. While many companies are implementing training exercises to teach employees how to spot nefarious messages, alongside putting in place other safeguards to protect their systems, this cyber threat is still an emerging risk that’s unlikely to abate anytime soon.
“In the last year, we have seen a significant rise in phishing attacks related to ransomware. It’s always been an issue, however, we’ve seen stronger attacks using phishing emails [that are] targeting more of the upper level,” said Linda Hamilton, client operations manager and OFAC compliance officer at global data recovery firm Proven Data, and a panelist at the upcoming Emerging Risks & Innovation Summit in New York. “They’re more convincing phishing attacks and when they're going after the companies, they’re asking for much higher demands than before. They’re playing hardball right out of the gate as far as their phishing attacks.”
O365 breaches are another pervasive cyber issue impacting companies, and while some are starting to ensure that multi-factor authentication is turned on to reduce the risk, this hasn’t happened across the board. A growing reliance on third-party vendors has likewise increased organizations’ cyber risk.
“You do still see a lot of third-party vulnerabilities. People trust their IT, and they trust a software or a company that they’re working with who logs in remotely to work with them,” said Hamilton. “Anytime anyone is connecting to your network through a remote desktop protocol (RDP), that is a huge vulnerability if the proper passwords and multi-factor authentication are not put in place, if you’re not whitelisting your firewall, and making sure you’re putting the proper blockage in place. We’re seeing a lot of attacks where someone breaches a third-party vendor and then gets into a system through that connection.”
Mergers and acquisitions, while potentially beneficial to a company’s long-term growth strategy, can also hurt its cyber resilience, even if the acquiring company has taken the right cybersecurity steps.
“That is a big concern – when people are going to be taking over another company, you need to know exactly what sort of cybersecurity they already have in place because if you’re secure, but you’re taking over a company that maybe has remote desktop protocol with very little security on it, if their RDP is open and you then connect your two businesses, you can be hit through that vulnerability,” explained Hamilton. “That can even shut your business down or maybe close your doors forever.”
The cybersecurity expert recommends that companies conduct a cybersecurity assessment. Before an organization starts to connect its network with the acquired company, it needs to make sure it has looked at past employees’ access, as well as where the previous IT possibly left ports open.
“The biggest vulnerability to a company is internet connection, whether it be internet connection for your employees and them clicking on something, internet connection via email, downloading something, or internet connection to work remotely from home,” Hamilton told Insurance Business. “If you have a computer that’s really old and offline, it could be offline for years and never have a problem, but the minute you connect it to the internet and it’s outdated, you’re going to have issues with it being exploited.”
The Proven Data team believes that being proactive, before a major breach happens, is one of the most important steps a company can take to address its cyber risk. Companies often put off cybersecurity measures because of the financial cost. Nonetheless, a major breach or hack that leads to business interruption and other losses can significantly impact an organization’s bottom line.
“We really try to encourage companies to be proactive, or when they have a small incident to be proactive to reduce the risk of a bigger incident happening,” said Hamilton, adding that Proven Data will help companies scan and monitor their networks to identify gaps, and craft a multi-pronged cybersecurity strategy. “There’s no one thing that’s going to keep you safe. It is many different things that you’re doing that are all together collectively reducing risk, so what we try to do is work with the client to see what layers of their security need to be strengthened and how can they best do that.”
Take a deeper dive into this issue at the Emerging Risks & Innovation Summit in May 2019.