For those outside the world of cyber security, the term ‘risk surface area’ probably won’t mean much.
But with millions of UK staff working from home for weeks or possibly months ahead, it is something which has suddenly become much bigger.
The ‘risk surface area’ covers all the elements of an IT system that cyber attackers can target through phishing, ransomware, malware infections and denial-of-service attacks.
Although technology is helping many businesses and organisations keep going during the current crisis, the dramatic shift in working patterns sadly means the risks of attacks have also ramped up.
Spike in breaches
Cyber-criminals have been quick to seize on the opportunities, with a spike in breaches already being seen, including successful ransomware attacks designed to take advantage of heightened fears around the Covid-19 pandemic.
Since February, the UK’s National Fraud Intelligence Bureau, which focuses on financially-motivated cyber-crime, has identified more than 20 incidents where coronavirus was mentioned, with victim losses totalling more than £900,000.
As far back as January, bogus emails purporting to be from official sources warned recipients to be aware of the threats of the virus. Those who fell victim entered sensitive details into what they thought was a genuine Office 365 site.
Another scam involves a ‘Covid-19-Tracker’ Android app which claims to geographically track new outbreaks and highlight areas to avoid. However, once downloaded, the app turns out to be ransomware that locks the mobile phone, and users are then asked to pay $100 in Bitcoin to regain access to their device.
The risks posed to the NHS from cyber-attacks, at what is an unfamiliar and difficult time, are particularly concerning. In 2017, computers in hospitals across the UK were crippled in the global WannaCry attack. That attack is estimated to have cost the NHS £92m, but the price of a similar attack in the weeks ahead could be much more significant in terms of human lives.
Simple steps to reduce risks
Although a cyber-attack can have very serious consequences, the steps to dramatically minimise the risk, and for staff to maintain good ‘cyber hygiene’, are relatively simple – the technology equivalent of hand-washing.
For example, a password lock on a phone can help prevent ransomware attacks like the Covid-19-Tracker. Regularly reminding staff that ‘if it looks wrong it probably is’ can dramatically reduce incidents of them clicking on something they shouldn’t.
There is a wealth of information out there from reliable sources such as the National Cyber Security Centre (NCSC), which has guidance on home working as well as a ‘Top Tips for Staff’ e-learning course.
- Apply patches and security updates as soon as possible. Anti-malware should be updated using a ‘push’ rather than ‘pull’ regime and scans carried out automatically.
- Ensure staff are aware of how to spot potential attacks and that an effective reporting procedure is in place.
- Remind staff to make sure they are not being overlooked when working in a public environment.
- Ensure devices can be remotely locked, data erased or backups retrieved.
- Ensure credentials including tokens are securely stored and changed when required.
- Use encryption tools to protect stored data and secure connections such as a VPN for data in transit.
As we all now take steps to protect ourselves and others from the health risks of Covid-19, it is important to also do the same against those who will look to use the crisis to expose our IT vulnerabilities.
In a series of upcoming articles, Gemserv will be looking in more detail at the ways to help organisations and their staff stay safe and work productively.