On Tuesday, May 5, the security agencies in the United Kingdom and the United States issued a warning, reporting a significant rise in malicious cyber campaigns.
The UK’s National Cyber Security Centre (NCSC) and US Cybersecurity and Infrastructure Security Agency (CISA) advised that the focus of these hacking attempts were organisations involved in the coronavirus response — national and international health care bodies, pharmaceutical companies, research organisations and branches of government.
Malicious groups and individuals seek to exploit this situation whilst business talents are intensely focused on business survival, cash flow and scenario planning, and while teams are physically dispersed due to remote working. As guards may be down during pandemic, ‘advanced persistent threat’ groups aim to breach security systems and collect personal information, intellectual property and other intelligence related to the coronavirus outbreak and the development of a vaccine.
The main technique hackers use is known as password spraying: an attempt to access a large number of accounts using commonly known passwords.
Both Security agencies expect the frequency of coronavirus-related cyber-attacks to increase over the coming months. It’s reasonable to anticipate that other sectors and businesses will be targeted possibly for commercially sensitive financial data — especially because large and small companies share data via the new normal of teleworking networks.
We’re all vulnerable. Below is a catalogue of tools and resources to act against this renewed threat.
Cybersecurity resources to increase your knowledge and protect your organisation.
- The CGMA Cybersecurity Tool improves security by enabling you to identify risks, develop or refresh a cyber-risk culture, and formulate remedies and cyber resilience strategies.
- So, You’re Under Attack is a webinar that offers a simulation experience and solution-finder regarding the financial and business impacts of a cyber-attack. This webinar reveals how a CFO and finance team can mitigate financial risks associated with a catastrophic cyber-attack that digital defences failed to stop.
- Cyber Security in 45 seconds is a series of short YouTube videos, presenting tips on assessing your cybersecurity risk, using multi-factor authentication, applying patches and recognizing phishing scams.
- What you need to know about cybersecurity presents relevant and timely aspects of cybersecurity in a 12-minute Facebook video.
- The Cybersecurity Fundamentals for Finance and Accounting Professionals instructional video presents fundamentals of cybersecurity to bring teams up to speed on digital transformation, and information security and vulnerability.
These resources will enable you to address risk issues and establish a cyber resilience strategy to help you prepare to come out of lockdown and restore your business.
More assistance and insights can be found here: