Protecting your business from cyberattacks post-COVID-19

by | Jun 8, 2020 | Covid-19, Cybercrime

Topics Covered Click a topic for similar articles


Following the most recent government announcement further relaxing the lockdown measures in the UK, thousands of businesses are re-opening and returning to offices. But, with so many businesses getting their systems back up and running at full capacity again, the risk of cyberattacks could be just as high as when the COVID-19 pandemic first began.

Interviewed by, David Hough, a Technology specialist at tax firm Blick Rothenberg, said: “We have all sorts of evidence that the threat from cyber criminals is rife and that they will take advantage of re-opening businesses.” Companies should tread carefully as they ramp back up; regardless of whether they’d transitioned to remote working or had ceased activities altogether.

Common attacks already being reported, according to Hough, include phishing emails offering taxpayers COVID-19 tax refunds and inviting the receiver to click a link in order to make a claim. These coronavirus-specific scams are also being delivered by phone call, text message and WhatsApp, either offering tax refunds or imposing fines for breaking lockdown rules. HMRC never uses these methods of communication and receivers should ignore and delete any communication like this, refraining from clicking links or interacting with the message in any way. If you suspect a message or call is a scam, you should report the details immediately to HMRC at

Phishing emails aren’t the only types of attack on the rise at the moment. Hough added: “Business systems could have been hacked while staff were furloughed, ready to be exploited when individuals return to work, so it is important that security is up to date and software subscriptions have been paid”.

Hough also explained that criminals will be looking to exploit vulnerability in a similar way as when the pandemic began: “Cyber criminals will be looking to attack businesses from every angle and will be looking for weaknesses in not only technology but also the way in which they operate, especially those companies that suspended operations for a period. People will be under pressure when they get back to work to get the business going and to start generating revenue, but they need to make sure that they don’t compromise their situation by rushing and not taking the necessary steps.”

So how can businesses remained protected as they shift back into operation and offices?

Having a pro-active and versatile security strategy with regular review periods is key during this turbulent period of change. Calvin Gan, Tactical Defence Unit manager at cybersecurity firm F-Secure, told that: “An effective cybersecurity defence should be turned into a real-time, proactive, and adaptable process instead of a reactive one. Without this, we would expect to see companies shifting their cyber security posture ad-hoc or in a hasty manner when a need arises again. We already saw this as companies had to adapt to having remote workforces. Now is the time to get ahead of the game.”

In addition to computer security, physical security devices in offices like CCTV and biometric scanners should also be monitored and checked closely for tampering.

It is also vital that employees are clearly warned and well educated on the risks. Attacks occur on PC’s, laptops and smart phones via email, text, call or sometimes even post and can be hard to spot, so providing employees with training on how to identify attacks and what to do if they suspect a scam has never been more important.

As the UK begins to revert back towards its previous state of ‘normality’, it is important that businesses remain vigilant when it comes to cyber security. Hough concluded his interview with by adding: “Businesses and individuals now have to be on their guard as we come out of lockdown and gradually get back to work. The Governments ‘Stay Alert’ statement is just as relevant to keeping us safe from an IT perspective as it is to one of health”.

Related Articles

Four steps to creating a comprehensive disaster recovery plan

Four steps to creating a comprehensive disaster recovery plan

Ransomware attacks are becoming more frequent, and it is expected that a business will be attacked every 11 seconds by the end of 2023. Based off this statistic, it is no longer a case of ‘if’ your business will fall victim to a cyberattack, it is a case of ‘when’....

What is Identity and Access Management (IAM), and why is it important?

What is Identity and Access Management (IAM), and why is it important?

In order for employees to work productively, it is essential that they have access to the files and tools required to do their job. With this being said, it is also possible for an employee to have too much access, which can lead to major security issues. The process...

What is a CRM and how can it help your business?

What is a CRM and how can it help your business?

What is a CRM and how can it help your business? Regardless of the size of a business or the industry it operates in, the key to a business’s growth is its customers. For a business to be successful it needs to manage their customers effectively and efficiently. For a...