Tech giant HP announced its 2021 forecast for computer threats. An increase in cyberthreats such as human-made ransomware, message hijacking, unintentional insider threats, corporate email corruption, and “whaling” attacks are predicted for the rest of the year.
Here are specific threats HP is warning against and how businesses can help avoid being victims.
Working from home has inadvertently weakened business security.
The mass exodus of employees in 2020 to their home offices has left a huge gap in companies’ security. Even though working from home was a necessity, so too was it necessary to create remote connections to servers via VPNs. The need for tech support, especially for remote setup and troubleshooting, coincided with some companies having to scale back their internal IT department staff. Between the rush to implement systems allowing employees to work remotely, VPN vulnerabilities and fewer IT staff on hand, business data is left less secure than ever.
Hackers know this, but employees new to working from home can be a weakness if they aren’t aware of or following security protocols. Hackers can gain access to business networks through devices staff use at home to connect to work. Home devices usually don’t have the security setup that enterprise devices do. As one of HP’s expert panel explained, “When employees work remotely, the line between professional and personal equipment becomes blurred. An act as innocent as reading a personal email on a company machine can have serious consequences.”
Whether you have an internal IT support department or not, outsourcing tech support makes so much sense right now, considering it’s a smart remote option for remote employees. Plus, having an IT firm on call means your company benefits from the expertise of its technicians having set up secure remote connections and security solutions for multiple businesses.
There’s a rise in ransomware.
Ransomware is a type of malicious software designed to block access to a computer system until a sum of money (ransom) is paid. Ransomware attacks often occur via malware transmitted through emails such as Emotet, TrickBot, and Dridex.
Making matters worse is that there is no guarantee that once the ransom is paid that the cybercriminal will unblock your system or hasn’t culled all your data first to use for nefarious reasons or release it on the web.
Having your system blocked and held for ransom is terrifying. The best course of action is to be proactive. An outsourced IT support company can evaluate where your most vulnerable gateways are and put security in place to mitigate the risk of being victimized by ransomware.
Hackers are phishing in a barrel.
One of the HP panelists notes, “The most innovative mass phishing method we have observed is email hijacking, used by the Emotet botnet. The method consists of automating the creation of phishing lures by stealing email data from infected systems. These are then used to respond to conversations with messages containing malware in a very convincing form.”
An Invision client’s employees were receiving emails from the company president, asking to purchase gift cards. Fortunately, the tone didn’t match the president’s normal emails, but that’s not always the case. Our client reported it and our tech support ensured nothing was shared and no harm done. Invision can train our clients’ teams on cybersecurity best practices, too. This may be more important than ever with people’s guards down as they rely more on email to communicate in pandemic isolation.
Phishing emails exploit the environment right now. The HP panelist noted, “Indeed, fear can encourage people to open malicious emails; for example, dealing with vaccines against COVID-19, financial distress relating to the health crisis, or even possible political instability,” she says.
Zero trust is the new normal.
Trust no one. Working remotely calls for a zero trust policy that companies should implement now, if they haven’t done so already. As employees continue working from home, some for good, the old ways of protecting your company’s network, applications and data are no longer enough. With more employees using SaaS to store and retrieve data, more sensitive data is hosted outside a company’s firewall.
Employers cannot make working remotely difficult by making employees jump through multiple hoops to access what they need. Work with an outsourced IT company experienced in identity and access management. For example, Invision can implement authentication solutions that are key to zero trust. HP panelists suggest that high-level authentication solutions using biometrics is a technology of the future.
A new approach to security.
Between remote employees, corporate and personal IoT devices and hackers chomping at the bit to infiltrate weak spots, business owners have to take a new approach to security, and look outside of their organizations for the new technology and processes that protect their data from now on. Outsourcing IT support fits the bill as both a proactive and reactive (should a breach occur) solution.
To learn more about how Invision can help you prepare for an increase in cyber threats, contact us for an evaluation.