Today marks the so-called “Freedom Day”, with many of the Covid restrictions being removed and workers encouraged to return to the office. While many businesses are running hybrid operations with many more staff working from home than before the pandemic, there will still be a large number of people returning to the office, and as always this creates openings for opportunistic cybercriminals.
The primary way cybercriminals will adapt to this change is to use new styles of phishing attacks. Any universal change in the way organisations work allow hackers to create phishing messages that would apply to almost any company. An example would be an email that contains an attachment that details Covid-19 related procedures that must be adhered to in the office. Ordinarily this would be a message that workers may ignore, but within the body of the email the hackers put in bold “this document must be signed before you can return to the office”. This encourages the staff member to open the attachment. A double click on an attachment is literally all it takes for a work laptop to be hacked. You might think that anti-virus would stop it, but look at all the companies that have been hit by ransomware attacks recently, for example FatFace or the US oil pipeline. They of course would have had anti-virus software, so evidently standard anti-virus isn’t enough to prevent these attacks. Once the work laptop is hacked via the attachment in the email, the hacker can do anything they like with it – if you are connected to the work VPN or Office 365 email, the hacker will have access to that too. They can move to other work computers and take control of those too, either stealing confidential information or crippling the network with ransomware.
Our solution to prevent this type of attack is our Managed Endpoint Detection and Response service (M-EDR), which you can think of as a more advanced version of anti-virus that works alongside your existing anti-virus solution and protects you against these more sophisticated threats. The Managed part is key – we have a 24/7 Security Operations Centre that is collecting information from your laptops and other devices in real time, allowing our analysts to block anything that may cause damage to data on the device, such as ransomware. We combine bleeding-edge technology with our highly skilled analysts to provide that enhanced level of protection. Our M-EDR is much more affordable than you’d think too, as we’ve priced is so that it’s suitable for small and medium sized companies as well as larger corporations.
Contact us for more information on how our cyber-security services can help you protect against cyber attacks targeting your organisation.