In the aftermath of a natural disaster, cyber-attacks like phishing scams and other forms of social engineering become more common. Cyber criminals use social media and email scams to exploit individuals empathy and desire to help.
Businesses, whether they are large or small, are also at risk of cyber-attacks and security breaches after a natural disaster because IT systems often end up damaged or compromised. If the damage is substantial, this can set a company back month and forces the IT team that works to monitor cyber breaches to focus on rebuilding internal architecture. This is how cybercriminals exploit natural disasters.
Maintaining data secure means knowing the natural risks that could affect your facilities and/or data centers.
Data companies at risk of natural disasters must implement a hurricane contingency plan and make the appropriate adjustments to their infrastructure to withstand whatever natural disaster threatens them.
Companies like Data Foundry Inc. in Houston, Texas build their data centers to withstand winds of a category 5 hurricane.
Keeping your business protected from storms and earthquakes will only go so far however; it is important that you keep vigilant and are privy to the scams used by cyber attackers in the wake of a disaster. The US Federal Trade Commission, US-CERT, Federal Management Agency and the National Cybersecurity and Communications Integration Center (NCCIC) issued alerts on scams associated with natural disasters.
The most recent example of phishing scams were related to Hurricane Harvey in 2017. US-CERT advised users to stay cautious when handling emails, hyperlinks and attachments related to the storm. Fraudulent emails will often be unsolicited and, in many cases, claim to represent a charity looking to raise funds towards a cause or victim relief.
If you do receive emails or messages from charitable organizations, always make sure they’re legitimate. If you don’t recognize the organization, assume it is a potential phishing attempt and research the charity extensively. Many cyber attackers will go as far impersonating the victims of a natural disaster asking for charitable assistance.
If you or your business are looking to assist victims of natural disasters or charities, it’s best to stay away from links provided through email or social media. Always type out the website of the organization you’re looking to support, a link can be misleading or a fraudulent spoof.
Legitimate organizations will never ask for personal banking information or a social security number. If you receive a phone call, exercise the same level of precaution you would towards an email or a link. Scammers impersonate charities through the phone as well. Always research the organization.
The US Department of Homeland Security recommends organizations to develop business continuity plans that would address what to do in the result of a natural disaster. That being said, many back-up systems don’t have the same security protections that exist in the primary system or in a live environment. This makes them vulnerable to cyber-attacks.
Taking the necessary steps to protect your data begins first with awareness. Be aware of the location you’re operating out of in order to develop an effective continuity plan as well as being aware of the types of cyber schemes that may arise as a result of a natural disaster like a hurricane.
Download Nerd Support’s free e-book to learn more about how to protect your business in the coming months as hurricane season begins.
Are you hurricane ready ?
Find out today