An uptick of coronavirus-themed cyber attacks on hospitals, pharmaceutical laboratories and even the trucking industry in recent weeks reveal the need for businesses to double down on security to ensure their networks are protected, a leading cyber security expert said.
Many of the attacks were ransomware, holding companies鈥 network systems hostage until a payout was made.
Some companies, particularly small and mid-sized businesses, might not survive such an attack, said John Zanni, CEO of Scottsdale-based Acronis SCS, a in edge data security and cyber protection in the U.S. public sector.
鈥淭he pandemic has increased impacts on businesses significantly. Unfortunately, many are not equipped to deal with them,鈥澛爏aid Zanni, whose company caters to public sector entities including local, state and federal government organizations as well as branches of the U.S. military.聽
Zanni strongly advises organizations to beef up network safety. The cost is minimal and today鈥檚 technology is highly effective.
A large organization that has its IT system knocked out can pay in the 鈥渉undreds of thousands to millions of dollars鈥 to fly in a forensics firm to fix the damage, Zanni said. For smaller private sector entities, the cost can put them out of commission.
鈥淚f someone breaks into your business, you call 911,鈥 he said. 鈥淚f you call 911 and say, 鈥業鈥檓 suffering a ransomware attack,鈥 they don鈥檛 know what to do. It鈥檚 a big problem.鈥
COVID-19 has brought the issue into the limelight as more employees work from home, doctors conduct telemedicine appointments, and online purchases soar.
Cyber criminals wreaking havoc with the word 鈥渃orona鈥
Under COVID-19, cyber criminals are having a field day, honing in on companies in countries like the United States that are in the throes of fighting the virus.
To illustrate the threat, only 190 domain names included the word 鈥榗orona鈥 last year, Zanni said. In March, there were more than 30,000.
鈥淪ome are legitimate but most of them are not,鈥 he said. 鈥淲e鈥檝e also seen a 127 percent increase in exposed desktop protocol endpoints.
鈥淪o now we鈥檙e all working at home and the bad guys have realized there are a lot of holes in being connected to a corporate network or other business from home systems.鈥
Anyone with connectivity is at risk. Phishing scams claiming to be from the Centers for Disease Control and the World Health Organization are a common ruse right now.
Government agencies number one target
While all businesses are at risk, the majority of cyber attackers target government agencies in search of sensitive data, Zanni said. That impacts businesses as well.
When Baltimore had to shut down operations after a cyber attack last year, companies were unable to carry out everyday transactions like getting permits approved and bills paid. The city lost millions of dollars in potential and delayed revenue.
Atlanta and New Orleans also were hit by cyber attacks in the past two years, also costing millions of dollars in recovery costs.
Lawmakers starting to act
Attacks like these are prompting new state-level policies regarding whether government agencies should be permitted to pay ransoms in ransomware attacks.
Last year, Congress also introduced the to use the federal government鈥檚 procurement power by requiring that devices purchased by the U.S. government meet certain minimum security requirements. That could lead the way for manufacturers to include security in all devices.
It鈥檚 one of many cyber security bills awaiting action in Congress.
Concerned over the rash of COVID-19-related threats, a of major tech groups also is asking Congress to allocate a portion of the next coronavirus stimulus bill to help local and state governments to defend against the costly attacks.
All-in-one solution for online security
Meanwhile, companies can protect themselves with minimal investment in solutions that do more than just block viruses and malware, Zanni said.
Acronis SCS and its international parent company, Acronis AIG, are the first to provide integrated security features in one package, he said.
In addition to endpoint security features like anti-malware and anti-ransomware, they provide backup, disaster recovery, storage, and patch management capabilities. While Acronis SCS exclusively serves US public sector organizations, Acronis AIG serves the commercial market. With Acronis AIG, small and medium-sized businesses with a larger server will pay about $1,500 a year. For a home user, the cost is about $50 per year.
Multi-step authentication to become the norm
In the near future, extra security measures will become the norm, Zanni believes.
COVID-19 is accelerating the need for it. Gone are the days when people left their doors unlocked and their keys in their cars, he said.
Digital devices are moving in a similar direction, he said. A safe login and password will no longer be sufficient. Dual factor authentication and integrated cyber security protection will become business as usual.
鈥淭his is just as important as locking the doors of your business at night.鈥
Add comment