Advisen Front Page News
- Wednesday, June 10, 2020
Beazley: Ransomware attacks up in Q1; pandemic-related scams recently 'skyrocketed'
Advisen
Beazley: Ransomware attacks up in Q1; pandemic-related scams recently 'skyrocketed'
By Chad Hemenway, Advisen
Beazley Breach Response Services (BBR) said it recorded a 25% uptick during the first quarter of 2020 in reported ransomware incidents compared with the fourth quarter of 2019 and, while total data is not yet available, cybercriminals evidently took advantage of new working environments during the coronavirus pandemic.
BBR said manufacturing experienced the greatest increase – 156% -- in ransomware incidents during the first quarter compared with the last three months of 2019, and a “growing number” of attacks were aimed on vendors and managed-service providers.
“During Q1, BBR Services noted a particular spike in ransomware incidents at service providers for banks and credit unions as well as for healthcare organizations, which led to multiple notifications,” Beazley said.
Interestingly, Beazley reported that incidents of business email compromise, though still a significant problem for all industries, were down somewhat in the first quarter. This, the insurer noted, may be a “temporary reprieve.”
“What is clear in Q2 is that cybercriminals have seized on the opportunities presented by the pandemic and we are likely to see more employees falling victim as attacks accelerate,” Beazley said. COVID-19-related scams involving email phishing, social media posts, and smishing (text message phishing) have “skyrocketed.”
A common scam, according to security awareness training experts KnowBe4, involves the CARES Act, which is meant to provide financial relief for the economic fallout cause by the pandemic. Scammers send victims phishing emails and ask for bank account information and a social security number to get a payment.
“During the pandemic, attackers are taking advantage of the fact that many employees have been working from home, without the technical protections that their corporate networks often provide,” Beazley said. “Furthermore, many employees are working from their personal computers, often shared with family members, processing sensitive and potentially personally identifiable information without the advantage of managed endpoint protection or even regular patching schedules that are also managed by the typical IT team.”
