The year 2020 has highlighted our dependence on technology. Cybercriminals have seized the opportunity to target the vulnerabilities that may exist in your business’ infrastructure.
Online crimes reported to the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) have spiked 400 percent since the coronavirus (COVID-19) pandemic started earlier this year.
The figures, of course, are not particularly surprising. Many of the changes brought about by COVID-19, such as increases in remote working, greater reliance on cloud-based services, and expanded use of digital payment systems, have created increased opportunities for cybercriminals. Businesses have also been so focused on managing the financial fallout of the pandemic that cybersecurity has often taken a back seat. Thankfully, there are simple steps that businesses can take to help prevent a costly cyberattack.
Ransomware Attacks and Phishing Schemes on the Rise
The disarray caused by the COVID-19 pandemic is proving to be a breeding ground for cyberattacks, particularly ransomware and phishing schemes. Ransomware attacks increased 25 percent in the first quarter of 2020 versus the fourth quarter 2019, according to reports collected by Beazley’s Breach Response (BBR) Services. The insurer found that the manufacturing sector saw the biggest spike in ransomware attacks, with a 156 percent increase in incidents quarter-over-quarter.
Nonetheless, the financial and healthcare industries still tend to be cybercriminals’ favorite targets. Ransomware attacks against the financial sector increased roughly nine times from the beginning of February to the end of April 2020, according to VMware Carbon Black’s Modern Bank Heists report. While the financial and healthcare industries have been particularly hard hit, all industries are vulnerable to attack.
Phishing attacks have also skyrocketed during the pandemic, as millions of workers have been logging on from home. According to security awareness training experts, KnowBe4, cybercriminals are using our anxiety related to COVID-19 to perpetrate phishing scams. The scams rely on fake emails and texts designed to look like official COVID-19-related information to steal personally-identifiable information and/or launch malware.
Safeguarding Your Business from a Ransomware Attack
Being proactive is essential to protecting your business from any cyberattack. Below are several steps all businesses can take to help thwart a ransomware attack:
Perform regular data backups: It is imperative to have a reliable, up-to-date backup of all your data. The backup must not be connected to your main network so that it will not be compromised in the event of a cyberattack. It is also a good idea to store a copy of your data in a separate physical location or in the “cloud.” This helps ensure that no data will be lost if your business suffers a fire, flood or other major disaster at your central location. Businesses should also regularly verify that backups are being performed properly and that they can be relied upon in the event of a cyberattack.
Regularly check for software updates: Given the ever-evolving nature of cyber threats, it is essential to keep up with software updates and security patches to the operating system, software, and firmware on all computers. Employees should also understand the importance of installing updates/patches on any laptops or mobile devices. It is also important to verify that virus-detection programs are also up to date. Failing to perform software updates not only leaves companies exposed to cyber threats, but also increases the risk of liability.With employees working remotely, software update reminders are even more critical.
Train your staff to spot ransomware: Employees play a pivotal role in defending companies against cyberattacks. As ransomware attacks become more sophisticated, employees need to be more vigilant. While ransomware attacks initially relied on email messages that were clearly identifiable as spam,hackers are now using phishing schemes that make emails appear to come from a known contact. Employees should be trained to spot the hallmarks of these new attacks and be extra vigilant when receiving unusual emails or clicking on links for downloads.
Develop a solid business continuity plan: Even with a data backup and restoration plan in place, it often takes time to remove the ransomware and assume normal operations. In the meantime, your company should have a plan in place to maintain essential functions, communicate with key employees, and inform customers, vendors, and the public about your response to the cyberattack. Businesses should consult with legal counsel to develop their plans and ensure they meet any regulatory requirements.
Verify your insurance coverage: While many commercial general liability (CGL) policies provide coverage for business disruption, insurers are increasingly excluding cyber-related incidents. Specific cyber insurance policies often cover the cost of the ransom money paid and provide incident response assistance. Because the terms of individual policies vary, businesses should consult with experienced counsel to verify what types of cyber incidents are covered and identify any potential gaps in business insurance coverage.
If you have questions, please contact us
If you have any questions or if you would like to discuss the matter further, please contact me, Maryam Meseha, or the Scarinci Hollenbeck attorney with whom you work, at 201-896-4100.
Does Your Homeowners Insurance Provide Adequate Coverage?
Your home is likely your greatest asset, which is why it is so important to adequately protect it. Homeowners insurance protects you from the financial costs of unforeseen losses, such as theft, fire, and natural disasters, by helping you rebuild and replace possessions that were lost While the definition of “adequate” coverage depends upon a […]
Understanding the Importance of a Non-Contingent Offer
Making a non-contingent offer can dramatically increase your chances of securing a real estate transaction, particularly in competitive markets like New York City. However, buyers should understand that waiving contingencies, including those related to financing, or appraisals, also comes with significant risks. Determining your best strategy requires careful analysis of the property, the market, and […]
Fred D. Zemel Appointed Chair of Strategic Planning at Scarinci & Hollenbeck, LLC
Business Transactional Attorney Zemel to Spearhead Strategic Initiatives for Continued Growth and Innovation Little Falls, NJ – February 21, 2025 – Scarinci & Hollenbeck, LLC is pleased to announce that Partner Fred D. Zemel has been named Chair of the firm’s Strategic Planning Committee. In this role, Mr. Zemel will lead the committee in identifying, […]
Novation Agreement Process: Step-by-Step Guide for Businesses
Big changes sometimes occur during the life cycle of a contract. Cancelling a contract outright can be bad for your reputation and your bottom line. Businesses need to know how to best address a change in circumstances, while also protecting their legal rights. One option is to transfer the “benefits and the burdens” of a […]
What Is a Trade Secret? Key Elements and Legal Protections Explained
What is a trade secret and why you you protect them? Technology has made trade secret theft even easier and more prevalent. In fact, businesses lose billions of dollars every year due to trade secret theft committed by employees, competitors, and even foreign governments. But what is a trade secret? And how do you protect […]
What Is Title Insurance? Safeguarding Against Title Defects
If you are considering the purchase of a property, you may wonder — what is title insurance, do I need it, and why do I need it? Even seasoned property owners may question if the added expense and extra paperwork is really necessary, especially considering that people and entities insured by title insurance make fewer […]
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.
Sign up to get the latest from our attorneys!
Explore What Matters Most to You.
Consider subscribing to our Firm Insights mailing list by clicking the button below so you can keep up to date with the firm`s latest articles covering various legal topics.
Stay informed and inspired with the latest updates, insights, and events from Scarinci Hollenbeck. Our resource library provides valuable content across a range of categories to keep you connected and ahead of the curve.
Ransomware Attacks Spiking Amid COVID-19, Could Your Business Be Next?
Author: Scarinci Hollenbeck, LLC
The year 2020 has highlighted our dependence on technology. Cybercriminals have seized the opportunity to target the vulnerabilities that may exist in your business’ infrastructure.
Online crimes reported to the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) have spiked 400 percent since the coronavirus (COVID-19) pandemic started earlier this year.
The figures, of course, are not particularly surprising. Many of the changes brought about by COVID-19, such as increases in remote working, greater reliance on cloud-based services, and expanded use of digital payment systems, have created increased opportunities for cybercriminals. Businesses have also been so focused on managing the financial fallout of the pandemic that cybersecurity has often taken a back seat. Thankfully, there are simple steps that businesses can take to help prevent a costly cyberattack.
Ransomware Attacks and Phishing Schemes on the Rise
The disarray caused by the COVID-19 pandemic is proving to be a breeding ground for cyberattacks, particularly ransomware and phishing schemes. Ransomware attacks increased 25 percent in the first quarter of 2020 versus the fourth quarter 2019, according to reports collected by Beazley’s Breach Response (BBR) Services. The insurer found that the manufacturing sector saw the biggest spike in ransomware attacks, with a 156 percent increase in incidents quarter-over-quarter.
Nonetheless, the financial and healthcare industries still tend to be cybercriminals’ favorite targets. Ransomware attacks against the financial sector increased roughly nine times from the beginning of February to the end of April 2020, according to VMware Carbon Black’s Modern Bank Heists report. While the financial and healthcare industries have been particularly hard hit, all industries are vulnerable to attack.
Phishing attacks have also skyrocketed during the pandemic, as millions of workers have been logging on from home. According to security awareness training experts, KnowBe4, cybercriminals are using our anxiety related to COVID-19 to perpetrate phishing scams. The scams rely on fake emails and texts designed to look like official COVID-19-related information to steal personally-identifiable information and/or launch malware.
Safeguarding Your Business from a Ransomware Attack
Being proactive is essential to protecting your business from any cyberattack. Below are several steps all businesses can take to help thwart a ransomware attack:
Perform regular data backups: It is imperative to have a reliable, up-to-date backup of all your data. The backup must not be connected to your main network so that it will not be compromised in the event of a cyberattack. It is also a good idea to store a copy of your data in a separate physical location or in the “cloud.” This helps ensure that no data will be lost if your business suffers a fire, flood or other major disaster at your central location. Businesses should also regularly verify that backups are being performed properly and that they can be relied upon in the event of a cyberattack.
Regularly check for software updates: Given the ever-evolving nature of cyber threats, it is essential to keep up with software updates and security patches to the operating system, software, and firmware on all computers. Employees should also understand the importance of installing updates/patches on any laptops or mobile devices. It is also important to verify that virus-detection programs are also up to date. Failing to perform software updates not only leaves companies exposed to cyber threats, but also increases the risk of liability.With employees working remotely, software update reminders are even more critical.
Train your staff to spot ransomware: Employees play a pivotal role in defending companies against cyberattacks. As ransomware attacks become more sophisticated, employees need to be more vigilant. While ransomware attacks initially relied on email messages that were clearly identifiable as spam,hackers are now using phishing schemes that make emails appear to come from a known contact. Employees should be trained to spot the hallmarks of these new attacks and be extra vigilant when receiving unusual emails or clicking on links for downloads.
Develop a solid business continuity plan: Even with a data backup and restoration plan in place, it often takes time to remove the ransomware and assume normal operations. In the meantime, your company should have a plan in place to maintain essential functions, communicate with key employees, and inform customers, vendors, and the public about your response to the cyberattack. Businesses should consult with legal counsel to develop their plans and ensure they meet any regulatory requirements.
Verify your insurance coverage: While many commercial general liability (CGL) policies provide coverage for business disruption, insurers are increasingly excluding cyber-related incidents. Specific cyber insurance policies often cover the cost of the ransom money paid and provide incident response assistance. Because the terms of individual policies vary, businesses should consult with experienced counsel to verify what types of cyber incidents are covered and identify any potential gaps in business insurance coverage.
If you have questions, please contact us
If you have any questions or if you would like to discuss the matter further, please contact me, Maryam Meseha, or the Scarinci Hollenbeck attorney with whom you work, at 201-896-4100.
Let`s get in touch!
Sign up to get the latest from the Scarinci Hollenbeck, LLC attorneys!
