Corona wreck increases cyber risk, phishing seriously–UK government report

According to the 2021 Cyber ​​Security Breaches Survey, a security report published by the British government’s Department for Digital, Culture, Media and Sports (DCMS), two out of five companies were hit by cyber attacks in 2020. , It is said that there were many specific threats. Also, given the increase in remote work and the slight decrease in the use of security monitoring tools to detect anomalous activity within an organization, the number of organizations that have been involved in cybercrime may actually be higher. That is. In other words, some organizations are unaware of the fact that they have been infringed. The report describes corporate approaches to cybersecurity and the impact of attacks. The report states that over the past year, organizations have been forced to respond quickly to remote work, leading to increased potential cyber risk. That’s because your organization’s firewall can’t protect your employees as long as they work from home. More than 80% of organizations that detected cyberattacks in 2020 were phishing emails that used malicious messages to attach malware or force employees to click on malicious links. It is supposed to be. More than a quarter of organizations claim to have been attacked by email from attackers impersonating people or businesses online. The purpose of the attack was either a business email fraud (BEC) attack that attempted to trick an employee into performing a large transfer of funds under the guise of stealing credentials or a significant business transaction or contract. It is said that it was. While email has long been a popular means of carrying out cyberattacks, the move towards remote work in 2020 has made people dependent on email to stay in touch with the workplace. It is increasing. The report suggests that this is why some companies are unable to detect cyberattacks and data breaches. In addition, more than 1 in 20 companies are said to have been attacked by ransomware. The majority of organizations that detect cyberattacks take action, including additional training for employees, updating antivirus software, changing firewall settings, and installing other new software, while after detecting an incident. More than one-third of companies are doing nothing at all. The report also states that more and more organizations are taking out certain types of cyber insurance to cover the financial burden of cyber attacks. The report provides several recommendations to ensure the security of your organization’s network and its resilience from cyberattacks. It includes protecting accounts with multi-factor authentication, training staff, and raising awareness of cybersecurity issues. It is also recommended that additional measures be taken in supply chain risk management to increase protection from attacks that could exploit the supply chain as a means of network access. “It’s important for organizations, management and IT teams to recognize that good cybersecurity provides better business resilience, which focuses on short-term business and IT service continuity,” the report said. This may not necessarily be appreciated during a pandemic that may reduce awareness of cybersecurity debates. ” “As we survive the pandemic, cybersecurity teams will have the opportunity to review these discussions and show that cybersecurity is an integral part of business resilience.”