Protecting your business from cyberattacks post-COVID-19

by | Jun 8, 2020 | Covid-19, Cybercrime

 

Following the most recent government announcement further relaxing the lockdown measures in the UK, thousands of businesses are re-opening and returning to offices. But, with so many businesses getting their systems back up and running at full capacity again, the risk of cyberattacks could be just as high as when the COVID-19 pandemic first began.

Interviewed by businessleader.co.uk, David Hough, a Technology specialist at tax firm Blick Rothenberg, said: “We have all sorts of evidence that the threat from cyber criminals is rife and that they will take advantage of re-opening businesses.” Companies should tread carefully as they ramp back up; regardless of whether they’d transitioned to remote working or had ceased activities altogether.

Common attacks already being reported, according to Hough, include phishing emails offering taxpayers COVID-19 tax refunds and inviting the receiver to click a link in order to make a claim. These coronavirus-specific scams are also being delivered by phone call, text message and WhatsApp, either offering tax refunds or imposing fines for breaking lockdown rules. HMRC never uses these methods of communication and receivers should ignore and delete any communication like this, refraining from clicking links or interacting with the message in any way. If you suspect a message or call is a scam, you should report the details immediately to HMRC at phishing@hmrc.gov.uk.

Phishing emails aren’t the only types of attack on the rise at the moment. Hough added: “Business systems could have been hacked while staff were furloughed, ready to be exploited when individuals return to work, so it is important that security is up to date and software subscriptions have been paid”.

Hough also explained that criminals will be looking to exploit vulnerability in a similar way as when the pandemic began: “Cyber criminals will be looking to attack businesses from every angle and will be looking for weaknesses in not only technology but also the way in which they operate, especially those companies that suspended operations for a period. People will be under pressure when they get back to work to get the business going and to start generating revenue, but they need to make sure that they don’t compromise their situation by rushing and not taking the necessary steps.”

So how can businesses remained protected as they shift back into operation and offices?

Having a pro-active and versatile security strategy with regular review periods is key during this turbulent period of change. Calvin Gan, Tactical Defence Unit manager at cybersecurity firm F-Secure, told businessleader.co.uk that: “An effective cybersecurity defence should be turned into a real-time, proactive, and adaptable process instead of a reactive one. Without this, we would expect to see companies shifting their cyber security posture ad-hoc or in a hasty manner when a need arises again. We already saw this as companies had to adapt to having remote workforces. Now is the time to get ahead of the game.”

In addition to computer security, physical security devices in offices like CCTV and biometric scanners should also be monitored and checked closely for tampering.

It is also vital that employees are clearly warned and well educated on the risks. Attacks occur on PC’s, laptops and smart phones via email, text, call or sometimes even post and can be hard to spot, so providing employees with training on how to identify attacks and what to do if they suspect a scam has never been more important.

As the UK begins to revert back towards its previous state of ‘normality’, it is important that businesses remain vigilant when it comes to cyber security. Hough concluded his interview with businessleader.co.uk by adding: “Businesses and individuals now have to be on their guard as we come out of lockdown and gradually get back to work. The Governments ‘Stay Alert’ statement is just as relevant to keeping us safe from an IT perspective as it is to one of health”.

Related Articles

How SMBs can benefit from an eSignature solution

How SMBs can benefit from an eSignature solution

Small and medium businesses are constantly looking for ways to deliver excellent customer service, whilst saving time and money. To achieve these goals, businesses look towards digital technologies to transform the way they work. An example of this is an eSignature...

Why businesses should implement single sign-on (SSO)

Why businesses should implement single sign-on (SSO)

Businesses typically have subscriptions to many different cloud services, including everything from Microsoft 365 products to workforce management software. With so many cloud services requiring unique login credentials, employees often reuse passwords between...

~ Your 2023 guide to migrating SQL Server to Microsoft Azure

~ Your 2023 guide to migrating SQL Server to Microsoft Azure

As Microsoft SQL Server 2012  reached its end of life in 2022, businesses still using the service will have to upgrade their SQL server to a more recent instance or migrate to Microsoft Azure. If businesses do not upgrade or migrate, they will no longer receive...