Data breach cases spike as more of us work from home
With more people than ever now working from home, a growing concern for both businesses and individuals alike is the increased risk of cyber security incidents. And rightly so, as new figures from The National Cyber Security Centre’s annual review reveal that over a quarter of reported data breach incidents were related to Covid-19.
The report also shows a spike in the number of incidents between September 2019 and August 2020, with 200 out of the 723 cases reported showing links to Covid-19. And with a second national lockdown now in place, we can only assume these figures will continue to rise.
It is important to remember that on top of this, many data breach victims may also be unaware at this stage that a breach has taken place so figures will very likely be significantly higher than we realize.
As well as working from home being a huge factor in this rise due to potentially substandard security measures, academic institutions have also been targeted which NCSC are working hard to combat. According to the report, common ransomware infection vectors have included remote desktop protocol (RDP), vulnerable software or hardware, and phishing emails.
The McAffe Labs Threats Report further supports this unsettling spike, showing a massive 605% increase in Covid-19 themed attack detection. During this past quarter, McAfee saw an average of 419 new threats per minute.
Chris Ross, the senior vice-president of international sales at Barracuda Networks is predicting another spike in cases as we go into a second lockdown and thinks that organisations need to be more resilient with this issue.
“Barracuda researchers saw three main types of phishing attacks using Covid-19 themes at the beginning of the last national lockdown — scamming, brand impersonation, and business email compromise. Barracuda Sentinel detected 467,825 spear-phishing email attacks through March, and it is possible that another spike like this may occur throughout November.
“Scams that endeavour to extract important updates are often very sophisticated and convincing spear-phishing attacks, which are designed to trick individual employees into a false sense of security, before convincing them to willingly hand-over their own private or company data. Tackling this problem and keeping information secure requires robust policies and an overhaul of staff training, and highly sophisticated email inbox defence security which also leverages artificial intelligence, in order to identify and block hacking attempts before they even reach the recipient.”
With working from home now becoming the new normal, it is certainly something to bear in mind and be vigilant of.
If you or someone you know has been a victim of a data breach, Covid related or otherwise, please get in touch today here.