Ransomware attacks are taking a toll on numerous organisations, and the COVID-19 crisis is causing hackers to shift into high gear. Are you prepared to deal with an incident?
Cybersecurity in particular is very relevant these days, as malicious actors are using the fear, uncertainty and doubt around COVID-19 to create their own epidemic of hacking attacks: we’ve seen over 50,000 malicious domains created in just one week, and every day three to four new large-scale phishing campaigns are launched (of up to 200,000 emails sent at a time), trying to persuade users to click malicious links, enter their credentials on fake websites, or download malware, often masquerading as government announcements, charity or a cure for COVID-19.
In this crisis, we see three priorities for organisations with regards to cybersecurity:
There’s no silver bullet solution to protect your organisation and its IT infrastructure from hackers. However, we do see that implementing basic IT and security hygiene is effective in considerably reducing the risk of ransomware attacks.
Do you have visibility on your entire IT estate, and are all systems fully patched? For many IT teams, this is a huge challenge. Also, have you applied hardening? This is especially key for any system with remote access, or internet-facing applications and services.
Since most attackers use similar kill chains, an increased focus on a limited set of security measures, both in the protection and monitoring dimensions, proves effective in protecting against typical ransomware attacks. For instance, have you implemented a proper end-point protection solution? Different solutions cater to different risks, but as workforces are now working remotely, the bar is raised again.
Attackers often try to use your people as a first point of entry. How strong is your human firewall? As phishing and business email compromise attacks are on the rise, what have you done to raise and maintain security awareness?
Make no mistake: it's not if, but when! Teams that are prepared for incident response will make a huge difference in speed and efficiency when you get hit. Do you have playbooks to deal with common types of incidents? Do you have the tools to look for indicators of compromise? And, absolutely critical: have you recently tested the coverage and effectiveness of your backup arrangements?
For many organisations, remote working has become the norm for most if not all of their workforce, and VPN and network capacity constraints in some cases have had to be dealt with. As remote working practices need to be sustained for more than just a couple of weeks, the current crisis also represents an opportunity for digital upskilling of the workforce and the introduction or further use of digital (collaboration) tools.
Although some projects have had to be suspended, this can free up resources for other initiatives, like the roll-out of digital signing solutions, or additional virtual collaboration and workflow tools to go beyond remote access to systems alone, to drive progress on the digital transformation of your organisation.
PwC can help you in all of these domains, with multidisciplinary expertise and a pragmatic proven approach to make change stick. We never focus on technology solutions alone, but always consider the people and process factors as well.
In the current context, we’ve highlighted a number of services that can help you quickly assess key security foundations, mostly remotely, with minimum extra work for your IT teams:
We offer several other quick diagnostic assessments (e.g. of your Wi-Fi or active directory, or a phishing exercise). Visit our Cybersecurity and Privacy page for a more comprehensive overview of our services. For an audit or a more general assessment of your current situation, we also offer a broad range of IT risk and assurance services.