Beazley Cyber Update Reports a 25% Increase in Ransomware Attacks

On June 9, Beazley Breach Response (BBR) Services released their quarterly breach insights report for the first quarter of 2020, detailing cyber attack trends emerging amid the COVID-19 pandemic.

Here are some new scams to look out for and how organizations shifting to an entirely remote workforce can protect their data and networks.

Key Figures: Overall, BBR Services noted a 25% increase in the number of reported ransomware incidents compared to the last quarter of 2019. The manufacturing sector was hardest hit, notching a 156% increase in such attacks, while service providers for banks, credit unions and health care organizations — typical ransomware targets — also reported a spike in incidents.

Curiously, business email compromise attacks dropped by 16%.

The decrease is attributed to two possible factors: Employees shifting to remote work were initially less responsive to email as they navigated the challenges that come with blending their personal and work lives; or employers were less diligent about identifying and reporting incidents as they shifted their attention to setting up an efficient remote workforce.

New Scams to Watch: The uncertainty and disruption caused by the pandemic have served as new attack vectors for scammers looking to take advantage of people’s heightened anxiety.

Security awareness training firm KnowBe4 tracked the influx of new COVID-19-related email phishing templates and found that over the last two weeks of March, new templates jumped from roughly 25 per week to 100 per week.

The most common types of scams include:

• Emails or text messages that appear to be from authoritative sources like the White House, CDC or WHO with fraudulent links to updated guidance on the coronavirus. Clicking on the link downloads malware onto the victim’s computer.
• Emails or text messages inviting recipients to register for their stimulus payment under the CARES Act. Victims are asked to fill out a questionnaire with their name, social security number and bank account information so that a payment can be deposited — a step that is not required to receive a stimulus check.
• Social media campaigns inviting users to enter a giveaway where they can win various products, gift cards or cash prizes. Applicants are likewise asked to fill out a survey with personally identifiable information. These campaigns are far-reaching; many require applicants to share a post with their network in order to be considered.

What Could Come Next: Unfortunately, cyber thieves are not choosy in the crises they exploit.

Though this report was released prior to the rise of civil unrest across the U.S., it’s likely that the movement for racial justice will similarly create opportunities for scammers to steal private financial information.

Emails prompting recipients to donate to city bail funds, Black Lives Matter and other related organizations could easily contain fraudulent or malicious links. It remains to be seen whether there will be an increase in ransomware and phishing attacks related to this movement.

How to Protect Yourself: The sudden shift to remote work has increased exposure to cyber attacks. Employees working on personal devices lack the endpoint protections and regular security patches that IT teams provide on internal company networks.

As much as possible, companies should try to bring the same cyber security protections they deploy in-house to their now-dispersed workforce. That includes:

• Using a VPN instead of relying on multiple, potentially public networks.
• Requiring multi-factor authentication (MFA) for company systems.
• Disabling remote desktop connections where they are not necessary or requiring a very strong password and MFA where they are.
• Working with employees to regularly patch their personal devices and personal networks.
• Conducting regular security awareness training that includes updates on emerging scams.

The Takeaway: Ransomware and phishing schemes are likely to increase as disruption, uncertainty and unrest continue. Companies and individuals need to remain vigilant and follow cyber security best practices to reduce their exposure to these scams. &