This year has forced organisations to adapt quickly to enabling employees to work from home. That’s creating ‘chaos with no control’ — which cyber criminals are exploiting.
Hackers are breaking into networks of organisations ranging from tech companies to local governments and almost every other sector; encrypting servers, services and files with ransomware before demanding a bitcoin ransom that can be measured in hundreds of thousands or even millions of dollars.
While employees and their PCs were once safely behind the office firewall, now they’re perched at a makeshift workstation in their kitchen or bedrooms, using all manner of cobbled-together technologies to get the job done.
For many employees, the pandemic could have been the first time that they’ve ever worked remotely. And being isolated from the corporate environment. Another WFH security issue; for some people, their work laptop might be their only computer, which means they’re using these devices for personal activities too, like online-shopping, social media or streaming video. This means that cyber criminals can launch phishing attacks against personal email addresses, which if opened on the right device, can provide access to a corporate network.
Let’s take a look at a few examples of cyber threats and security breaches that have taken place in 2020.
Scams
- In April 2020, swindlers impersonated the World Health Organization (WHO) to send e-mails to the public seeking donations to a fictitious COVID-19 fund.
- In March 2020, the Department of Justice in the United States filed a legal appeal in the federal court to shut down a website called coronavirusmedicalkit[.]com, which claimed to sell free vaccine kits.
Phishing
- A phishingscam campaign sent out fake Zoom invites to employees from HR. The idea was to phish out their passwords.
- Several UK citizens received an e-mail from a fake government ID telling them to claim a tax refund to protect against the COVID-19 crisis.
Malware
- The Powershell malware attacks in 2020 have witnessed a sharp increase of 117% in North America.
- Ryuk has emerged as one of the biggest malware threats to US hospitals and healthcare providers in 2020.
In order to help our customers, the Imperium Markets platform offers a set of features to improve security.
Multi-factor authentication
Your passwords can be easily compromised. MFA immediately increases your account security by requiring multiple forms of verification to prove your identity when signing into an application.
MFA (or 2FA) to ensure your accounts are up to 99.9% less likely to be compromised.
Provide users secure, seamless access to our platform.
IP Whitelist
Restrict access to the Imperium platform, so that only authorized IP’s can log in. That way, if your user accounts are ever compromised, your account will still be safe.
Protection against brute force attacks
The brute force strategy is to try any possibilities, one by one, until finding the good password. Once we detect that some account is under a brute force attack the account will be immediately blocked and the user notified.
DMARC for e-mails
DMARC informs receiving mail servers what to do when they get a message that appears to be from your organization and protects Imperium emails against direct domain spoofing, so that an email from the domain @imperium.markets can be trusted.
