There has been a dramatic increase over the past few weeks of phishing campaigns and ransomware attacks by criminals seeking to exploit the rising concern over the coronavirus pandemic, cyber security company CYE says. It has created a joint offering with Zurich Insurance to protect companies from the cyber crime
Amid increasing cyber attacks by criminals seeking to taking advantage of public concern over the Coronavirus pandemic, cyber security company CYE and Zurich Insurance have joined hands in an effort to protect businesses from the phenomenon.
In a press release, CYE said "The cooperation combines Zurich’s specialist cyber insurance and risk engineering capabilities with CYE’s artificial intelligence-based technology, services and cyber expertise."
There has been a dramatic increase over the past few weeks of phishing campaigns and ransomware attacks in which users clicked on malicious attachments or links bearing the coronavirus theme.
Employees working remotely using insecure networks are being targeted as well, the press release said.
As the virus spreads, the increase of sick employees as well as changes to work environments raise the possibility of the neglect of cyber hygiene.
"A higher reliance on remote work (employees accessing data through unsecured and unsafe Wi-Fi networks, using personal devices to perform work, or potentially not following company’s security protocols), will put companies and IT systems at greater risk of data breaches, as remote employees will not be connected via networks that are typically secured with protection layers such as firewalls, web filtering and data encryption," CYE said.
To mitigate the possibility of a cyber attack, employees should avoid clicking on suspicious links, documents or files; familiarize themselves with how to respond if security is suspected or confirmed to have been compromised; replace passwords and enable two-factor authentication of accounts when possible; avoid public Wi-Fi, activate antivirus tools, and update security patches, according to the press release.
CYE also called on corporate IT teams to configure and monitor firewall logging; use strong and updated endpoint protection solutions; block all services and interfaces except those required; block the IP ranges for regions from which employees should not be remotely connected; use only secure remote access to company networks, using an encrypted connection such as a virtual private network (VPN) if possible; configure VPNs with another security layer; and create online and offline backups of critical data.
