Advertise Here
Icon

Directory

IconActuaries
IconAssociations & Institutes
IconAuditors
IconBBBEE Consulting and Verification Agencies
IconBenefit Administrators & Investment Managers
IconBusiness Chambers
IconBusiness Process Management
IconBusiness Process Outsourcing
IconCompliance
IconConsumer Protection
IconCorporate Governance
IconCredit Bureaus
IconDebit Order Collection Facilities
IconEducation and Training
IconFAIS
IconHuman Resources
IconInformation Technology and Software Partners
IconLegal
IconOmbud
IconPension Fund Trustee Liability Insurance
IconPension Fund Trustee Training
IconPension Funds Adjudicator
IconPolicy Administration
IconPolicy Trading
IconPublications
IconRegulatory Authorities
IconRetirement Funds registered by the FSB
IconRetirement Products
IconSocial Grants (Government)
IconSurveys and Research
IconTraining Courses & Workshops
IconTrust Establishment & Management
IconWellness Programs
Image
  Subscribe To »

Coronavirus: Fighting the rise in cyber criminals from the home office

Published

2020

Tue

12

May

 

With many people working remotely because of the coronavirus outbreak, the number of cyber incidents is increasing as hackers, scammers and spammers look to exploit vulnerabilities in an attempt to steal valuable information. In response, AGCS experts highlight a number of measures that can help employees to better combat the cyber challenges Covid-19 brings.

Coronavirus is changing how people work and interact every day. Many companies have needed to expand their remote working capacity as a result of the outbreak – and usually at very short notice. In order to provide as many employees as possible with easy access to operating software and systems quickly, in some cases IT security standards may have had to be lowered or suspended, resulting in potential cyber security exposures for companies.

One consequence of potentially laxer security may be that cybercriminals and hackers may find it easier to penetrate previous effectively protected corporate systems, causing data breaches, cyber blackmail intrusions and IT system failures. It is estimated that anywhere between 50% and 90% of data breaches are caused or abetted by employees, be it by simple error or by falling victim of phishing or social engineering.

According to the Allianz Risk Barometer, an annual survey of more than 2,700 risk management experts around the globe, cyber risk already ranked as the number one threat for businesses in 2020 before the coronavirus outbreak, driven by concerns about data breaches becoming larger and more expensive; ransomware incidents bringing increasing losses; and Business Email Compromise (BEC) or spoofing attacks, which typically involve social engineering and phishing emails to dupe employees into revealing confidential or valuable information, increasing in frequency. BEC attacks have resulted in fraudulent losses in excess of $20bn since 2016.

Unfortunately, the significant increase in home workers accessing the corporate network with a virtual private network (VPN) connection because of the coronavirus pandemic only exacerbates these risks, providing a perfect opportunity for cyber criminals, as recent events demonstrate only too well.

Coronavirus phishing scams with malicious links or attachments sent out by email or WhatsApp messages started circulating in January 2020 and their number has continued to increase since. The European Commission has said that cybercrime in the EU has risen since the outbreak began, while The World Health Organization (WHO) recently warned about suspicious email messages attempting to take advantage of the Covid-19 emergency by stealing money and sensitive information from the public. In some countries, data shows that the number of attempted cyber attacks increased five-fold between mid-February and mid-March. In April, Google detected and blocked more than 18 million malware and phishing emails and 240 million daily spam messages related to the pandemic in a single week[1] . In total, the tech giant blocks more than 100 million phishing emails each day.

"Remote workers may be dressing down in the home office but this does not mean that they can be casual when it comes to maintaining IT security standards,” says Jens Krickhahn, a Regional Practice Leader of Cyber Insurance at AGCS.

In the new risk bulletin: Coronavirus: Staying Cyber-Secure Through The Pandemic, AGCS cyber experts provide an overview of tips and measures to consider to combat internet attacks. These are based on the core measures of the German Federal Office for Information Security and the guidelines of the Charter of Trust, an association of companies promoting global IT security, of which Allianz is a member, and apply to all devices, including those provided by companies for employees to use.

Suggested measures to consider for bolstering IT security in the home office highlighted in the bulletin include:

  • keeping software up-to-date
  • activating virus protection and firewalls
  • being increasingly cautious about sharing personal data - online fraudsters increase their success rates by addressing victims individually
  • making sure web browsers are up-to-date
  • keeping passwords safe and changing them regularly. The general rule: the longer, the better
  • protecting confidential emails with encryption 
  • only downloading data from trusted sources
  • making regular backups
  • turning off voice-activated smart devices and covering webcams when not in use
  • making clear distinctions between devices and information for business and personal use and not transferring work between the two. This will prevent unintentional information leakage
  • identifying all participants in online sessions
  • logging out when devices are no longer in use and keeping them secure
  • following security practices for printing and handling confidential documents
  • being careful with suspicious e-mails or attachments, especially if the sender is unknown.

For the full overview of IT security measures download the bulletin here.

All of the recommendations are technical advisory in nature from a risk management perspective and may not apply to specific operations. Please review any loss prevention measures carefully and determine how they can best apply to specific needs prior to implementation. Any queries relating to insurance cover should be made with your local contact in underwriting and/or broker.

 
Source: Allianz Global Corporate & Specialty (AGCS) Africa
 
« Back to previous page Print this page » |
 

Breaking News »

POPI BREACH COULD MEAN FINES OF UP TO R10 MILLION AND A 10-YEAR JAIL SENTENCE

Where to start for SA businesses?   09 July 2020: Parts of the long-awaited Protection of Personal Information Act 4 of 2013 came into force on 1 July 2020, and companies will have a period of one year ...
Read More »

  

POPI ACT IS NOW IN FORCE

FIVE STEPS TO ENSURE POPI COMPLIANCE FOR DIRECT MARKETING   07 July 2020: The Protection of Personal Information Act 4 of 2013 (POPI) has now come into effect and it is important that South Africa businesses ...
Read More »

  

POPI ACT - IMPLICATIONS FOR VARIOUS BUSINESS AREAS

02 July 2020: The long-awaited Protection of Personal Information Act 4 of 2013 comes into force on Wednesday 1 July 2020, and companies will have a period of one year to get their ducks in a row or risk substantial ...
Read More »

  

Lloyd’s presents solutions for global industry and government partnerships

Lloyd’s presents solutions for global industry and government partnerships to fast-track societal and economic COVID-19 recovery Open-source frameworks provide blueprint for better protecting society ...
Read More »

 

More News »

Image

Healthcare »

Image

Investment »

Image

Life »

Image

Short-term »

Advertise Here
Image
Image
Advertise Here

From The Glossary »

Icon

Misrepresentation:

Information supplied by the insured to the insurer which is incorrect to a material degree. The supply of such information whether innocently or fraudulently gives the insurer the right to repudiate the contract.
More Definitions »

 

Advertise

 

eZine

 

Contact IG

 

Media Pack

 

RSS Feeds

By using this website you agree to the Terms of Use.
Copyright © Insurance Gateway (Pty) Ltd 2004 - 2020. All Rights Reserved.