Cyber criminals haven’t gone away

  • 19 Jun 2020
  • Jim

Our crisis bandwidth has been swamped by coronavirus. As Secretary of State Kissinger once famously said: “There can't be a crisis next week, my schedule is already full.

Unfortunately, cyber-criminals don’t see it that way and continue to be a menace. If anything, homeworking seems to have encouraged them in the belief that there are new easy opportunities for them to make money, demand ransoms and steal data.

Here are just three ways hackers target staff working from home.

Router takeover

  • Hackers scan the internet and find routers with weak passwords or where manufacturers passwords have not been changed.
  • They crack the password and install so-called sniffing software.
  • They capture data which includes usernames and passwords.

Printer attack

  • Hackers send an email to your printer that contains malware.
  • The printer is compromised.
  • The printer scans your network to find a computer with limited protection.
  • The malware installs a keylogger on the PC that reads your keystrokes.
  • The keylogger captures passwords, usernames and more.

Wifi hijacking

  • Hackers scan for wifi with no or weak passwords.
  • They connect to your wifi.
  • They scan for devices.
  • Hackers pick up video feeds from CCTV, nanny cams and other IOT devices.

Compared with domestic systems, office networks are generally far more resilient and difficult to penetrate. Certain IP addresses will be blacklisted and there may be an IT team present whose job it is to watch out for potential cyber breaches. 

How do you keep your business cyber-crisis ready in these uncertain times?

One answer is to run a crisis simulation exercise that is both realistic and rigorous. A challenging simulation will test a crisis management team’s decision-making, their ability to prioritise and their skills at handling complex and ever-changing information.

A successful crisis exercise now deploys media that replicates the real world: TV news broadcasts, print news stories, social media, internal company messages, external statements and emails. It will also likely be run in part remotely with executives joining from various locations.

To test a company’s people, teams and plans, a successful crisis exercise should feel like the real deal but leave participants in better shape to handle a real cyber-crisis. Coronavirus hasn’t gone away yet, but neither have the cyber criminals.

Working in conjunction with the BCI the author Jim Preen, YUDU,  will be hosting a webinar on 2nd July where he will run a cyber-crisis simulation exercise. A fictional bank is under attack from hackers and all those who attend are part of the crisis management team. Click on the button below to register!

 

More on
About the author

Jim Preen

Crisis Management Director, YUDU Ltd