In addition to death and taxes, one thing you can inevitably count on is for unprincipled attackers to go very low, and try to make a profit from others’ suffering. With the rapid global spread of the COVID-19 virus, originally dubbed the “novel coronavirus”, social engineers are fine-tuning their attacks to exploit the situation.
Employees are eager to learn their management’s position on the outbreak
It’s understandable that an employee could be prone to clicking on an attachment in an email that appeared to be an update from their CEO about the virus. When an employee at the Southern Water utility in the UK apparently did just that, the result was a malware infection that attacked the utility’s SCADA network, which is used to control and monitor operational equipment responsible for providing water to the community.
A quick response is essential, especially for critical infrastructure services
The utility was apparently able to prevent a complete loss of control of their equipment, but they did have to shut down some services to limit damage while they responded to the attack. In general, utilities are well-equipped to respond to anomalies in their systems. They recognize the risks to their operations if they don’t detect and respond quickly when something unexpected happens. They are often able to isolate systems to stop the spread of malware and prevent damage to operational components.
Anticipating cyberattacks from high profile crises should now be a routine thought process
Whether you operate a utility, a managed service provider (MSP), or a professional services organization, losing control of your systems and networks should be a critical concern. Even with many technology safeguards and redundant systems in place for response, utilities and other Business-to-Business (B2B) service organizations would much rather prevent a malware infection in the first place. For many other types of businesses, any malware incident can result in more than a short outage, and can impact finances and public reputation.
When major world events occur, especially something like a pandemic risk, managers need to anticipate the coming wave of social engineering attacks that will target their employees, and potentially cause disruption of operations.
Employees are now targeted for their emotions
The Southern Water incident illustrates vividly how social engineering attackers work. Any unexpected situation can cause employees to shift their attention from “standard operating procedures”. So attackers will spend significant effort on creating “pretexts”; situations that are not only believable to their target victims, but which make it likely that they will take action without thinking about the related risks.
How Continuous Cybersecurity Awareness Helps Employees Prepare for the Unexpected
In order to properly prepare for threats that employees will inevitably face, they need to be put in an immersive situation, where they can repeatedly exercise their decision-making in a safe environment. Traditional training and phishing assessments provide the basic guidance and sometimes can simulate consequences of clicking on suspicious links. But without consistent, ongoing practice, employees can easily forget the guidance their employers have invested in, and take action based on their emotions, in the heat of the moment.
Click Armor is a continuous cybersecurity awareness platform that uses proven gamification techniques to engage employees to understand and retain knowledge about risks like social engineering and phishing. Having employees who are motivated to learn and practice good cybersecurity hygiene is an essential element to building a strong security culture. Regardless of your investment in network and endpoint security technologies, continuous cybersecurity awareness is the most effective way to make your organization resilient to the inevitably changing threats that target their emotions.
To learn more about Click Armor, or to obtain a copy of a whitepaper on how gamification motivates employees to learn more effectively to change behavior, you can submit a request on the Click Armor contact page.
Want to comment, let’s the discussion to Twitter…