The year 2020 has highlighted our dependence on technology. Cybercriminals have seized the opportunity to target the vulnerabilities that may exist in your business’ infrastructure.
Online crimes reported to the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) have spiked 400 percent since the coronavirus (COVID-19) pandemic started earlier this year.
The figures, of course, are not particularly surprising. Many of the changes brought about by COVID-19, such as increases in remote working, greater reliance on cloud-based services, and expanded use of digital payment systems, have created increased opportunities for cybercriminals. Businesses have also been so focused on managing the financial fallout of the pandemic that cybersecurity has often taken a back seat. Thankfully, there are simple steps that businesses can take to help prevent a costly cyberattack.
Ransomware Attacks and Phishing Schemes on the Rise
The disarray caused by the COVID-19 pandemic is proving to be a breeding ground for cyberattacks, particularly ransomware and phishing schemes. Ransomware attacks increased 25 percent in the first quarter of 2020 versus the fourth quarter 2019, according to reports collected by Beazley’s Breach Response (BBR) Services. The insurer found that the manufacturing sector saw the biggest spike in ransomware attacks, with a 156 percent increase in incidents quarter-over-quarter.
Nonetheless, the financial and healthcare industries still tend to be cybercriminals’ favorite targets. Ransomware attacks against the financial sector increased roughly nine times from the beginning of February to the end of April 2020, according to VMware Carbon Black’s Modern Bank Heists report. While the financial and healthcare industries have been particularly hard hit, all industries are vulnerable to attack.
Phishing attacks have also skyrocketed during the pandemic, as millions of workers have been logging on from home. According to security awareness training experts, KnowBe4, cybercriminals are using our anxiety related to COVID-19 to perpetrate phishing scams. The scams rely on fake emails and texts designed to look like official COVID-19-related information to steal personally-identifiable information and/or launch malware.
Safeguarding Your Business from a Ransomware Attack
Being proactive is essential to protecting your business from any cyberattack. Below are several steps all businesses can take to help thwart a ransomware attack:
Perform regular data backups: It is imperative to have a reliable, up-to-date backup of all your data. The backup must not be connected to your main network so that it will not be compromised in the event of a cyberattack. It is also a good idea to store a copy of your data in a separate physical location or in the “cloud.” This helps ensure that no data will be lost if your business suffers a fire, flood or other major disaster at your central location. Businesses should also regularly verify that backups are being performed properly and that they can be relied upon in the event of a cyberattack.
Regularly check for software updates: Given the ever-evolving nature of cyber threats, it is essential to keep up with software updates and security patches to the operating system, software, and firmware on all computers. Employees should also understand the importance of installing updates/patches on any laptops or mobile devices. It is also important to verify that virus-detection programs are also up to date. Failing to perform software updates not only leaves companies exposed to cyber threats, but also increases the risk of liability.With employees working remotely, software update reminders are even more critical.
Train your staff to spot ransomware: Employees play a pivotal role in defending companies against cyberattacks. As ransomware attacks become more sophisticated, employees need to be more vigilant. While ransomware attacks initially relied on email messages that were clearly identifiable as spam,hackers are now using phishing schemes that make emails appear to come from a known contact. Employees should be trained to spot the hallmarks of these new attacks and be extra vigilant when receiving unusual emails or clicking on links for downloads.
Develop a solid business continuity plan: Even with a data backup and restoration plan in place, it often takes time to remove the ransomware and assume normal operations. In the meantime, your company should have a plan in place to maintain essential functions, communicate with key employees, and inform customers, vendors, and the public about your response to the cyberattack. Businesses should consult with legal counsel to develop their plans and ensure they meet any regulatory requirements.
Verify your insurance coverage: While many commercial general liability (CGL) policies provide coverage for business disruption, insurers are increasingly excluding cyber-related incidents. Specific cyber insurance policies often cover the cost of the ransom money paid and provide incident response assistance. Because the terms of individual policies vary, businesses should consult with experienced counsel to verify what types of cyber incidents are covered and identify any potential gaps in business insurance coverage.
If you have questions, please contact us
If you have any questions or if you would like to discuss the matter further, please contact me, Maryam Meseha, or the Scarinci Hollenbeck attorney with whom you work, at 201-896-4100.
Dissolving Your Business: Essential Legal Steps to Protect Your Interests
If you’re considering closing your business, it’s crucial to understand that simply shutting your doors does not end your legal obligations. Unless you formally dissolve your business, it continues to exist in the eyes of the law—leaving you exposed to ongoing liabilities such as taxes, compliance violations, and potential lawsuits. Dissolving a business can seem […]
The Role of Corporate Restructuring in Mergers & Acquisitions
Contrary to what many people think, corporate restructuring isn’t all doom and gloom. Revamping a company’s organizational structure, corporate hierarchy, or operations procedures can help keep your business competitive. This is particularly true during challenging times. Corporate restructuring plays a critical role in modern business strategy. It helps companies adapt quickly to market changes. Following […]
Crypto Enforcement: A Former Prosecutor’s Warning to Criminals and the Public
Cryptocurrency intimidates most people. The reason is straightforward. People fear what they do not understand. When confusion sets in, the common reaction is either to ignore the subject entirely or to mistrust it. For years, that is exactly how most of the public and even many in law enforcement treated cryptocurrency. However, such apprehension changed […]
Understanding Chattel Paper: A Key Component in Secured Transactions
Using chattel paper to obtain a security interest in personal property is a powerful tool. It can ensure lenders have a legal claim on collateral ranging from inventory to intellectual property. To reduce risk and protect your legal rights, businesses and lenders should understand the legal framework. This framework governs the creation, sale, and enforcement […]
For years, digital assets operated in a legal gray area, a frontier where innovation outpaced the reach of regulators and law enforcement. In this early “Wild West” phase of finance, crypto startups thrived under minimal oversight. That era, however, is coming to an end. The importance of crypto compliance has become paramount as cryptocurrency has […]
Supreme Court and Title VII: Implications for Reverse Discrimination
Earlier this month, the U.S. Supreme Court issued a decision in Ames v. Ohio Department of Youth Services vitiating the so-called “background circumstances” test required by half of federal circuit courts.1 The background circumstances test required majority group plaintiffs pleading discrimination under Title VII of the Civil Rights Act to meet a heightened pleading standard […]
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.
Sign up to get the latest from our attorneys!
Explore What Matters Most to You.
Consider subscribing to our Firm Insights mailing list by clicking the button below so you can keep up to date with the firm`s latest articles covering various legal topics.
Stay informed and inspired with the latest updates, insights, and events from Scarinci Hollenbeck. Our resource library provides valuable content across a range of categories to keep you connected and ahead of the curve.
Let`s get in touch!
Sign up to get the latest from the Scarinci Hollenbeck, LLC attorneys!
