The year 2020 has highlighted our dependence on technology. Cybercriminals have seized the opportunity to target the vulnerabilities that may exist in your business’ infrastructure.
Online crimes reported to the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) have spiked 400 percent since the coronavirus (COVID-19) pandemic started earlier this year.
The figures, of course, are not particularly surprising. Many of the changes brought about by COVID-19, such as increases in remote working, greater reliance on cloud-based services, and expanded use of digital payment systems, have created increased opportunities for cybercriminals. Businesses have also been so focused on managing the financial fallout of the pandemic that cybersecurity has often taken a back seat. Thankfully, there are simple steps that businesses can take to help prevent a costly cyberattack.
Ransomware Attacks and Phishing Schemes on the Rise
The disarray caused by the COVID-19 pandemic is proving to be a breeding ground for cyberattacks, particularly ransomware and phishing schemes. Ransomware attacks increased 25 percent in the first quarter of 2020 versus the fourth quarter 2019, according to reports collected by Beazley’s Breach Response (BBR) Services. The insurer found that the manufacturing sector saw the biggest spike in ransomware attacks, with a 156 percent increase in incidents quarter-over-quarter.
Nonetheless, the financial and healthcare industries still tend to be cybercriminals’ favorite targets. Ransomware attacks against the financial sector increased roughly nine times from the beginning of February to the end of April 2020, according to VMware Carbon Black’s Modern Bank Heists report. While the financial and healthcare industries have been particularly hard hit, all industries are vulnerable to attack.
Phishing attacks have also skyrocketed during the pandemic, as millions of workers have been logging on from home. According to security awareness training experts, KnowBe4, cybercriminals are using our anxiety related to COVID-19 to perpetrate phishing scams. The scams rely on fake emails and texts designed to look like official COVID-19-related information to steal personally-identifiable information and/or launch malware.
Safeguarding Your Business from a Ransomware Attack
Being proactive is essential to protecting your business from any cyberattack. Below are several steps all businesses can take to help thwart a ransomware attack:
Perform regular data backups: It is imperative to have a reliable, up-to-date backup of all your data. The backup must not be connected to your main network so that it will not be compromised in the event of a cyberattack. It is also a good idea to store a copy of your data in a separate physical location or in the “cloud.” This helps ensure that no data will be lost if your business suffers a fire, flood or other major disaster at your central location. Businesses should also regularly verify that backups are being performed properly and that they can be relied upon in the event of a cyberattack.
Regularly check for software updates: Given the ever-evolving nature of cyber threats, it is essential to keep up with software updates and security patches to the operating system, software, and firmware on all computers. Employees should also understand the importance of installing updates/patches on any laptops or mobile devices. It is also important to verify that virus-detection programs are also up to date. Failing to perform software updates not only leaves companies exposed to cyber threats, but also increases the risk of liability.With employees working remotely, software update reminders are even more critical.
Train your staff to spot ransomware: Employees play a pivotal role in defending companies against cyberattacks. As ransomware attacks become more sophisticated, employees need to be more vigilant. While ransomware attacks initially relied on email messages that were clearly identifiable as spam,hackers are now using phishing schemes that make emails appear to come from a known contact. Employees should be trained to spot the hallmarks of these new attacks and be extra vigilant when receiving unusual emails or clicking on links for downloads.
Develop a solid business continuity plan: Even with a data backup and restoration plan in place, it often takes time to remove the ransomware and assume normal operations. In the meantime, your company should have a plan in place to maintain essential functions, communicate with key employees, and inform customers, vendors, and the public about your response to the cyberattack. Businesses should consult with legal counsel to develop their plans and ensure they meet any regulatory requirements.
Verify your insurance coverage: While many commercial general liability (CGL) policies provide coverage for business disruption, insurers are increasingly excluding cyber-related incidents. Specific cyber insurance policies often cover the cost of the ransom money paid and provide incident response assistance. Because the terms of individual policies vary, businesses should consult with experienced counsel to verify what types of cyber incidents are covered and identify any potential gaps in business insurance coverage.
If you have questions, please contact us
If you have any questions or if you would like to discuss the matter further, please contact me, Maryam Meseha, or the Scarinci Hollenbeck attorney with whom you work, at 201-896-4100.
Non-disclosure agreements (NDAs) remain a critical tool for protecting sensitive business information. However, New York NDA requirements have evolved, and businesses must ensure these agreements are carefully drafted to remain enforceable. In a competitive market like New York City, NDAs are commonly used to protect proprietary information, client relationships, and strategic plans. At the same […]
How Courts Evaluate Testamentary Capacity and Undue Influence Will contests in New Jersey are difficult to win, given the strong presumption that a properly executed will reflects the testator’s intent. However, challenges based on lack of testamentary capacity and undue influence remain common, particularly where there are concerns about mental capacity or the involvement of […]
Bringing on outside investors can provide the capital and strategic support a business needs to grow. However, raising capital also introduces important legal, financial, and operational considerations. Before bringing on investors, businesses should address key legal issues to reduce risk, streamline investor due diligence, and position the company for long-term success. Early preparation signals that […]
How the Updated Law Shapes Retirement and Estate Planning The SECURE 2.0 Act of 2022 materially reshapes the required minimum distribution (RMD) landscape, extending tax deferral opportunities while accelerating distribution requirements for many beneficiaries. For high-net-worth individuals and families, these changes are not merely technical. They require a reassessment of retirement income strategies, beneficiary planning, […]
Buying Commercial Property in New Jersey: Legal Guide for Small Businesses
Small businesses considering buying commercial property in New Jersey must evaluate a range of legal, financial, and operational factors. While ownership can offer long-term value and control, it also introduces significant risks if not properly structured. This guide outlines key considerations to help New Jersey business owners make informed decisions, minimize legal exposure, and successfully […]
The SEC’s Latest Guidance on Applying Federal Securities Laws to Tokenized Securities
On January 28, 2026, staff of the U.S. Securities and Exchange Commission’s Divisions of Corporation Finance, Investment Management, and Trading and Markets issued a joint statement clarifying how existing federal securities laws apply to tokenized securities. The SEC’s “Statement on Tokenized Securities” does not establish new law, but it does provide greater clarity on the […]
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.
Sign up to get the latest from our attorneys!
Explore What Matters Most to You.
Consider subscribing to our Firm Insights mailing list by clicking the button below so you can keep up to date with the firm`s latest articles covering various legal topics.
Stay informed and inspired with the latest updates, insights, and events from Scarinci Hollenbeck. Our resource library provides valuable content across a range of categories to keep you connected and ahead of the curve.
Let`s get in touch!
Sign up to get the latest from the Scarinci Hollenbeck, LLC attorneys!
