Cyber attacks are estimated to have spiked more than 30% in the past few weeks. There are three primary reasons - first, the flow of money coming from the Feds is an attractive target for criminals, and they're using COVID-19, the CARES Act, and the Payroll Protection Plan as lures to hook you and reel you in. Once hooked, the common attacks took hold, whether they be credential harvesting, malware injections, or in other cases ransomware attacks, just to name a few. Their intent has been to redirect funds coming to you or steal your personal information for use on other sites or to sell to others.
Sadly, they've often been successful, and here's why. All of this change creates confusion, and they're able to capitalize on that. They're also are adept at leveraging our fear. They know, and you should too, that whenever we are in a psychologically vulnerable state, we're more prone to fall for a cyber trap. Defining a "psychologically vulnerable" state is broad reaching, but for our purposes we can hone in on times of fear, uncertainty, anxiety, and times of contentment and relaxation. Not many of us are experiencing the latter right now (got kids?), so the attacks we're seeing are taking advantage of our fears.
It's great to understand why we're being attacked so often right now, but what do we do about it? Here are three basic steps and tools to consider. First, and most importantly, if you and your kids are working/schooling from home, you need to build a perimeter defense. It's not enough to protect each computer on your home network. There are too many other connected devices on your network that you have little to no ability to protect. The best home defense needs to include a firewall that allows for an antivirus subscription - and you need to pay for it. If you're firewall doesn't offer it, then we strongly encourage you to upgrade. Second, when you're connecting to external networks, like your office, you should be using a virtual private network (VPN) connection. Many firewalls include this configuration option, many companies provide a software application from their host firewall, but if those aren't available, then both Norton and Malwarebytes offer software based VPNs that are simple, inexpensive, and effective.
Of course the old rules apply. Don't click links in emails. Don't open attachments. Don't share personal information with ANYONE calling you that you don't know. Better, enter the domain name of the organization who sent you the email and path to the link manually. If you receive a call from the "IRS", get a case number or agent ID, and call the number posted on IRS.GOV.
Look, a 30% increase in attacks that are already increasing double digits every year is a significant spike. Getting the proper hardware and configuration in place is critical to keep your finances and personal information protected. If you want assistance or have questions about how to lock down your home, we can help. Just give us a call and let us know what you need.
Be safe. Don't panic. Wash your hands. 🙂
If you have any questions or if you are concerned about your organization's cybersecurity, give us a call at (800) 970-0402. We'll be happy to help.
For more HIPAA information, download our ebook - The Ultimate HIPAA Compliance Handbook.
The HIPAA Security Rule requires the implementation of a security awareness and training program for all members of its workforce (including management). Have your team sign up for weekly HIPAA Security Reminder to help stay compliant.