Many general counsels, as well as their privacy and cybersecurity teams, are understandably focused on their company’s coronavirus safety measures—and that is good news for hackers.
Hackers thrive amidst confusion and distraction, so it is important that, with everything going on with the coronavirus, companies—including their lawyers—remain on guard against hacks.
Cybersecurity is truly not just about IT, but legal and IT departments should ensure employees are reminded of at least two critical things they should do in this heightened risk environment:
- Be wary of clicking on links embedded in emails and entering credentials. There is no doubt we will see an uptick in phishing emails appearing to come from the Centers for Disease Control, the World Health Organization, other health-related organizations, or even from companies’ own HR departments. Employees should be advised to look carefully at the sender’s email address (especially after the @ symbol), and to hover cursors over links to see where they really resolve.
- Ensure proper remote access. Accessing company servers remotely without using a secure connection, such as a virtual private network, exposes those servers to hackers. If employees are working from home because of the virus and have not enabled security features on their home WiFi, and are not logging in via a secure connection, the individual and the company are more vulnerable to cyber attacks.
No matter how many reminders you give, however, someone will always click on a link they shouldn’t, or access internal networks inappropriately. It is how the wider team reacts and responds to attacks that makes all the difference.
Here are five quick and inexpensive—but absolutely critical—questions to ask to help ensure your company remains well positioned to successfully respond to cyber attacks:
- Make sure your response plan does not reside solely on company servers. In a cyber attack, accessing documents electronically may not be an option. The best thing to do is print out your response plan and maintain it in hard copy.
- If you do print out your response plan, check to see whether the response team has copies of the plan at home. With so many employees teleworking because of coronavirus, it is important to store hard copies of critical documents safely at home.
- Confirm that the call roster for your key response team members, both internal and external, includes work, cell, and other contact numbers. It is important to avoid single points of failure, and more critical than ever that teams and external advisors are accessible even when not at their desks. Like the response plan, the call roster should not just be stored electronically.
- Confirm that you have a good sense of your regulatory and contractual notification obligations in the event of a breach (or that you know whom to call who does). There is no guarantee that regulators will grant leniency for failing to know or meet notification deadlines because of coronavirus-related distraction. The same applies to your counterparties, many of whom require notice of cyber incidents within 24 or 48 hours.
- Check to see when you last reviewed your cyber insurance. Is your cyber insurance current? Does it cover what you want it to cover? With attacks and attack vectors changing so rapidly, it is important that you are covered for the latest threats and types of attacks. Similarly, make sure you pre-clear your preferred external advisors and consultants with your insurance company if they are not already on the insurance company’s panel.
Bad actors thrive amidst chaos and distraction, so despite—and precisely because of—all that is going on with coronavirus, it is important to remember the dangers hackers pose and to be prepared to respond to those threats.