The rise of Covid-19 Cyber-crime
As the world’s lawful economy stands on the threshold of global recession because of Covid-19 mitigation measures, the cyber-crime economy continues to grow. In 2018, the annual Cyber Crime report issued by Cybersecurity Ventures, predicted that by 2021, cyber-crime damages would reach £4.7 trillion. That staggering figure would equal the GDP of the world’s third largest economy.
Cyber-crime has been evolving
Cyber-criminals have spotted a range of opportunities to grow their illicit practices, at the same time as legal businesses have been taking a hit. Cybersecurity experts have noted that even more cautious cyber-criminal operators have adapted to what they see as a golden opportunity to make money.
Huge rises in cyber-crime have accompanied the lockdown measures introduced in the UK. Action Fraud, the UK’s national fraud and cyber-crime reporting centre, reported a 400% increase in coronavirus related fraud in March and April. These include a number of new scams:
- An increase in phishing scams – bogus communications that purport to be from a trusted source such as a bank, the government, or subscriptions service. These will usually try and elicit log in details and passwords.
- Emails claiming to be from the government requesting donations to support NHS charities during the Covid-19 crisis.
- Emails claiming to be from a research group that mimic the Centre for Disease Control & Prevention (CDC), and the World Health Organisation (WHO), requesting donations.
- Communications offering advice about trading opportunities or investment schemes, suggesting people take advantage of the coronavirus downturn.
As well as the above, there’s been an increase in cyber frauds across the board.
Threats to business
More people working remotely has given cyber-criminals increased opportunities to mount cyber-attacks. McAfee has recorded a huge growth in the number of attacks on Remote Desktop Protocol (RDP) ports exposed to the internet. RDP ports are a vital means for many businesses to enable their employees to work from home, as they allow communication with a remote system. With large numbers of employees very quickly having to switch to remote working, McAfee believe that adequate security measures were not always taken. This has provided cyber-criminals with an abundance of opportunities to cause damage.
Responding to cyber-crime
There are six key considerations for businesses if they suspect they have fallen victim to cyber-crime:
- Investigate – appoint a suitably qualified assessment team who will quickly establish the facts.
- Damage limitation – take any immediate steps to stop the damage spreading and make a full record of any damage suffered, including financial loss.
- Get help – bring in IT professionals well-versed in cyber-crime, as well as legal specialists.
- Report the attack – Ensure that organisations such as Action Fraud, banks, regulators, and insurers are informed.
- Conduct a post-incident review – why did the incident happen? How well did your business respond? What extra security measures do you intend to take to prevent it happening again? How will staff be trained to better spot and respond to developing threats?
- Intelligence – consider how you can arm your business with the best cyber-crime intelligence, such as signing up for the Cyber Information Sharing Partnership (CISP)
Be aware of the threat and plan
The best way to protect yourself and your business from cyber-crime is to be alert to the threat. Read the intelligence, take appropriate measures and if you discover your security has been compromised take quick action to limit the damage.
Need help with combatting cyber-crime?
Speak to the specialist team at Ampletech today.