Businesses brace for Covid-related phishing surge next year

The majority of businesses in the UK expect an increase in cyberattacks next year, a new report from Centrify states.

Polling 200 business decision-makers at large and medium-sized companies, Centrify found that almost two thirds (64 percent) of respondents expect even more Covid-related phishing emails next year, while half (52 percent) expect to incur more cyberattacks.

In the report, Centrify states that organizations should protect themselves by taking proactive measures such as launching security awareness training for employees, restricting VPN connections, increasing the use of multi-factor authentication (MFA) and applying least privilege access controls.

Very few organizations have put all the necessary protections in place, Centrify claims, with almost four in ten (37 percent) having no plans to train new employees on data management policies and cybersecurity risks related to Covid-19. Many also do not have systems in place that would allow them to properly verify employee identities and credentials when accessing company data.

“Covid-themed email, SMS and web-based phishing attacks have not been uncommon over the last year, and so far we’ve seen cyberattack campaigns using the guise of charity, government financial aid initiatives, and business support schemes already lure thousands of victims into leaking sensitive information, such as log-in credentials and payment details,” said Howard Greenfield, Chief Revenue Officer at Centrify.

“Therefore, it is absolutely imperative for companies to adopt a zero trust approach enforced by least privilege access, which will only grant access to certain applications and data once a user’s identity has been verified. This will ensure that leaked log-in credentials do not necessarily translate to a breach of data.”

Source link