The year 2020 has highlighted our dependence on technology. Cybercriminals have seized the opportunity to target the vulnerabilities that may exist in your business’ infrastructure.
Online crimes reported to the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) have spiked 400 percent since the coronavirus (COVID-19) pandemic started earlier this year.
The figures, of course, are not particularly surprising. Many of the changes brought about by COVID-19, such as increases in remote working, greater reliance on cloud-based services, and expanded use of digital payment systems, have created increased opportunities for cybercriminals. Businesses have also been so focused on managing the financial fallout of the pandemic that cybersecurity has often taken a back seat. Thankfully, there are simple steps that businesses can take to help prevent a costly cyberattack.
Ransomware Attacks and Phishing Schemes on the Rise
The disarray caused by the COVID-19 pandemic is proving to be a breeding ground for cyberattacks, particularly ransomware and phishing schemes. Ransomware attacks increased 25 percent in the first quarter of 2020 versus the fourth quarter 2019, according to reports collected by Beazley’s Breach Response (BBR) Services. The insurer found that the manufacturing sector saw the biggest spike in ransomware attacks, with a 156 percent increase in incidents quarter-over-quarter.
Nonetheless, the financial and healthcare industries still tend to be cybercriminals’ favorite targets. Ransomware attacks against the financial sector increased roughly nine times from the beginning of February to the end of April 2020, according to VMware Carbon Black’s Modern Bank Heists report. While the financial and healthcare industries have been particularly hard hit, all industries are vulnerable to attack.
Phishing attacks have also skyrocketed during the pandemic, as millions of workers have been logging on from home. According to security awareness training experts, KnowBe4, cybercriminals are using our anxiety related to COVID-19 to perpetrate phishing scams. The scams rely on fake emails and texts designed to look like official COVID-19-related information to steal personally-identifiable information and/or launch malware.
Safeguarding Your Business from a Ransomware Attack
Being proactive is essential to protecting your business from any cyberattack. Below are several steps all businesses can take to help thwart a ransomware attack:
Perform regular data backups: It is imperative to have a reliable, up-to-date backup of all your data. The backup must not be connected to your main network so that it will not be compromised in the event of a cyberattack. It is also a good idea to store a copy of your data in a separate physical location or in the “cloud.” This helps ensure that no data will be lost if your business suffers a fire, flood or other major disaster at your central location. Businesses should also regularly verify that backups are being performed properly and that they can be relied upon in the event of a cyberattack.
Regularly check for software updates: Given the ever-evolving nature of cyber threats, it is essential to keep up with software updates and security patches to the operating system, software, and firmware on all computers. Employees should also understand the importance of installing updates/patches on any laptops or mobile devices. It is also important to verify that virus-detection programs are also up to date. Failing to perform software updates not only leaves companies exposed to cyber threats, but also increases the risk of liability.With employees working remotely, software update reminders are even more critical.
Train your staff to spot ransomware: Employees play a pivotal role in defending companies against cyberattacks. As ransomware attacks become more sophisticated, employees need to be more vigilant. While ransomware attacks initially relied on email messages that were clearly identifiable as spam,hackers are now using phishing schemes that make emails appear to come from a known contact. Employees should be trained to spot the hallmarks of these new attacks and be extra vigilant when receiving unusual emails or clicking on links for downloads.
Develop a solid business continuity plan: Even with a data backup and restoration plan in place, it often takes time to remove the ransomware and assume normal operations. In the meantime, your company should have a plan in place to maintain essential functions, communicate with key employees, and inform customers, vendors, and the public about your response to the cyberattack. Businesses should consult with legal counsel to develop their plans and ensure they meet any regulatory requirements.
Verify your insurance coverage: While many commercial general liability (CGL) policies provide coverage for business disruption, insurers are increasingly excluding cyber-related incidents. Specific cyber insurance policies often cover the cost of the ransom money paid and provide incident response assistance. Because the terms of individual policies vary, businesses should consult with experienced counsel to verify what types of cyber incidents are covered and identify any potential gaps in business insurance coverage.
If you have questions, please contact us
If you have any questions or if you would like to discuss the matter further, please contact me, Maryam Meseha, or the Scarinci Hollenbeck attorney with whom you work, at 201-896-4100.
Failing to Comply With NJ Rent Control Exemption May Prove Costly
What Developers Need to Know About New Jersey’s Rent Control Exemption Law to Ensure Entitlement to Exemption for Newly Constructed Multi-family Housing. A property owner in Jersey City is facing a $400 million federal class action lawsuit alleging that the landlord did not follow the procedural steps required to be eligible for exemption from local […]
Crypto Securities Law: When Tokens Become Investment Contracts
The application of traditional federal securities laws to crypto assets continues to evolve. In some cases, the Securities and Exchange Commission (SEC) considers tokens and other digital assets to be securities. This makes them subject to federal securities law, including the Securities Act of 1933 and the Securities Exchange Act of 1934. This classification has […]
The Due Diligence Process for NY Condominiums and Cooperatives
While the New York City real estate market can be extremely competitive, moving too quickly often backfires. Before purchasing a condominium or cooperative in New York City, it is important to do you homework. Purchasing property in NYC can involve a dizzying number of legal issues. These include condo and co-op rules, rent restrictions, and […]
Smart Contract Legal Issues: Drafting Agreements for Blockchain
Smart contracts feature a unique blend of legal agreement and technical code. This innovation has the potential to reshape how business is conducted. At the same time, smart contract legal issues around enforceability, jurisdiction, identity, and compliance are common. The legal framework for these self-executing agreements is still evolving. What Are Smart Contracts? Smart contracts, […]
Are Stay Interviews the Key to Retaining Top Talent?
Retaining top talent continues to be one of the greatest challenges facing employers today. Even in an employer’s market, the loss of a key employee can disrupt operations and result in significant costs. While compensation plays a role, long-term retention often depends on workplace culture, communication, and employee engagement. One increasingly popular strategy for improving […]
Secured transactions form the backbone of a wide range of business dealings, including business loans, mortgages, and inventory financing. Because the stakes are often high and relatively minor oversights can have drastic consequences, lenders and borrowers should thoroughly understand how to form an enforceable security agreement that protects their legal rights. What Is a Secured […]
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.
Sign up to get the latest from our attorneys!
Explore What Matters Most to You.
Consider subscribing to our Firm Insights mailing list by clicking the button below so you can keep up to date with the firm`s latest articles covering various legal topics.
Stay informed and inspired with the latest updates, insights, and events from Scarinci Hollenbeck. Our resource library provides valuable content across a range of categories to keep you connected and ahead of the curve.
Let`s get in touch!
Sign up to get the latest from the Scarinci Hollenbeck, LLC attorneys!
