As governments and businesses struggle with COVID-19, their digital infrastructure and data systems are targets for cybercriminals. Now more than ever, businesses need to reconsider how they view cyber attacks.
Cyber Attacks Are Not Considered Part of Disaster Recovery Plans
Cyberattacks have more in common with biological attacks than other types of attacks. What I mean by that is, it takes a while to understand when and how an attack has happened. Government agencies and business owners must develop a new way of understanding disaster recovery. In a natural disaster like a hurricane, a fire or an earthquake, restoring infrastructure could require investing in reconstruction. Recovering from a cyber attack, however, requires a more robust approach.
When a business experiences some disaster, it should work to mitigate the damage and risk to its employees and the business itself. Unfortunately, there are businesses using outdated and vulnerable computer systems and that makes them more vulnerable to a cyber attack.
When , for example, a hacker attacks a financial firm for valuable information, restoring a secure network environment could replacing devices, a digital forensics investigation, and policy changes to properly contain it.
Cyber Attacks Are Getting Worse
We know cybercriminals are targeting hospitals and even private organizations with malware. In fact, over a third, or 34 percent, of malware based cyber-attacks during the first quarter of 2020 were ransomware attacks. Government agencies were hit even harder accounting for 21 percent of all malware attacks.
Ransomware attacks succeed because cyber criminals leverage unpatched systems and vulnerabilities left unattended by all of these institutions. Due to the lockdown in March 2020, IT and security personnel aim to support remote workforces as more business closed to avoid infection. Some companies were prepared for the transition but many companies in very vulnerable industries struggled to keep up.
In late April of 2020 Ransomware attacks shut down Parkview Medical Center’s IT Network in Colorado. This attack caused numerous IT network outages while they worked to treat patients for COVID-19.
A third party forensics team investigated the cyber breach and it may take months to understand the consequences of the breach itself.
Developing A Strong Business Continuity Plan
Building a proper continuity plan requires reevaluating priorities as remote work becomes the standard for many businesses. More and more industries are relying remote operations meaning hackers are using the resulting struggle and confusion to attack systems made vulnerable from the transition.
As we’ve seen, depending on the severity of the attack, it could lead to a variety of problems like systems failures, power outages and huge disruptions.
In the event of a cyber attack a business leader should know:
- When the call should be made
- what information should be provided
- And how to create a cooperative environment between members of the company and cyber experts investigating the breach.
Make Disaster Recovery a Practice
After this is properly explored by the company, it should be communicated to all employees and tested frequently. You should always be testing, improving and adapting your disaster recovery plan so that employees and personnel in the company are aware of their role in resolving a breach.
This will go a long way in improving company culture and staving off a cyber threat.
Incorporating protocols addressing the steps your business is required to take in the event of an attack is pivotal. All businesses know (I hope) what to do in the case of a fire or a electrical outage. Unfortunately, not many have a measured plan for how to take on cyber attacks.
When developing a strategy answer these questions:
- Who should I contact first?
- How I do to identify what was stolen?
- What measures are in place to prevent an attack in the first place?
Why Cyber Criminals Attack
Obviously, those are basic questions that won’t sufficiently prepare you for an attack but the point is business owners don’t even think about them. What tends to happen is a business owner will put off developing a disaster recovery plan for cyber attacks until an attack happens. From there on it’s a scramble and fumble to fix everything at once without a strategy. If you’ve ever experienced a cyber attack you know how chaotic it can be when it’s uncovered. In some cases, hackers attack franchises like Wawa.
Other cases it’s large companies like DoorDash. But the most often, hackers target medium and small sized businesses. The reason is simple. Smaller businesses don’t have as many resources and might have weaker systems as a result. Furthermore, hackers assume they don’t have enough capital properly investigate a breach if it happens. And best of all, the target will be small enough that an attack will fly under the radar and go unnoticed by investigators and authorities.