The government made a recent announcement to start to ease some of the lockdown measures in the UK. Thousands of businesses are now looking to re-open their doors, and return to their offices. With businesses getting their systems back up and running again, the risk of renewed cyber attacks could be just as high as when the COVID-19 pandemic first began.
What forms of cyber attack exist?
Interviewed by businessleader.co.uk, David Hough, a Technology specialist at tax firm Blick Rothenberg, said: “We have all sorts of evidence that the threat from cyber criminals is rife and that they will take advantage of re-opening businesses.” Companies should tread carefully as they ramp back up. This is regardless of whether a move to remote working was their new world, or if had ceased activities altogether.
Hough reports that the most common attacks being reported includes phishing emails which offer tax refunds related to COVID-19. The emails typically encourage the receiver to click on a link to make a claim.
These scams are also being delivered through other channels including by phone call, text message and even by WhatsApp. These messages are either offering tax refunds or they are threatening to impose fines for breaking lockdown rules. HMRC Always advises that they never communicate in this fashion. Anyone receiving these messages are strongly advised to ignore and delete the communication.
Phishing emails aren’t the only types of attack on the rise at the moment. Hough added: “Business systems could have been hacked while staff were furloughed, ready to be exploited when individuals return to work, so it is important that security is up to date and software subscriptions have been paid”.
Hough also explained that criminals will be looking to exploit vulnerability in a similar way as when the pandemic began: “Cyber criminals will be looking to attack businesses from every angle and will be looking for weaknesses in not only technology but also the way in which they operate, especially those companies that suspended operations for a period.
So how can businesses remained protected as they shift back into operation and offices?
Having a pro-active and versatile security strategy with regular review periods is key during this turbulent period of change. Calvin Gan, Tactical Defence Unit manager at cybersecurity firm F-Secure, told businessleader.co.uk that: “An effective cybersecurity defence should be turned into a real-time, proactive, and adaptable process instead of a reactive one. Without this, we would expect to see companies shifting their cyber security posture when a need arises again. We already saw this as companies had to adapt to having remote workforces. Now is the time to get ahead of the game.”
In addition to computer security, physical security devices in offices like CCTV should also be monitored and checked for tampering.
It is also vital that employees are clearly warned and well educated on the risks. Attacks occur on PC’s, laptops and smart phones via email, text, call or sometimes even post. So providing employees with training on how to identify attacks has never been more important.
As the UK begins to revert back to normal, businesses must remain vigilant when it comes to cyber security. Hough concluded his interview with businessleader.co.uk by adding: “Businesses and individuals now have to be on their guard as we come out of lockdown and gradually get back to work”.