Cyber attacks: Phishing in times of crisis

During crises, cyber criminals rub their hands with glee. That is because insecure employees and (financially) stricken companies are easy prey for them. Companies can protect themselves by sensitizing employees to IT security issues, thereby reducing the risk of a costly cyber attack via tactics such as social engineering or phishing in times of crisis.

Cyber attacks in times of crisis as an economic threat

It was only at the beginning of the year that the GEDIA case in Germany impressively demonstrated the consequences that companies have to deal with when cyber criminals and hackers manage to gain access to sensitive data. The automotive supplier became the victim of a phishing attack, had to shut down all its systems and send its employees on leave. The attackers demanded a million-dollar ransom and, after GEDIA refused to pay the sum, released sensitive company information – including account and credit card data as well as business emails. The ensuing Corona crisis hit the automotive industry particularly hard, and although the company itself did not comment on the extent of the incident, it is now estimated that the losses added up to several million.

CWT, an American travel company, suffered a similar fate when it got into the cyber criminals’ firing line in the middle of the crisis. Around 30,000 computers were infected and around two terabytes of sensitive data were encrypted. The bizarre part of this case: in a chat with the hackers, CWT was able to negotiate the ransom down from almost 10 million to 4.5 million dollars. Considering the circumstances, this was nevertheless a considerable sum for the already weakened company.

Why cyber criminals celebrate during the crisis

In the Corona crisis, for example, there were significantly more cyber attacks than before. According to ENISA, the frequency of phishing emails rose by over 600% between February and March 2020. Phases of uncertainty in the economy are particularly interesting for cyber criminals in many respects:

Insecure infrastructure

This year was a good example of how, in times of crisis, new technologies are often introduced abruptly in order to enable employees to work remotely and thus remain economically viable. Alternatively, resources for IT security are often cut in order to save money. In the process, security precautions are neglected or get lost in the chaos of restructuring.

Human insecurity

In times of crisis or during restructuring, responsibilities may not be clear and there are hardly any guidelines for how to behave in new work models. Remote work was first introduced for about one third of German employees during the Corona crisis. Employees who are unsettled by this reorientation are a particularly good target for social engineering attacks.

Lack of expertise

Cyber security experts and awareness specialists are an additional cost factor for many companies in times of crisis and especially during restructuring phases, which they oftentimes cannot afford. However, if the appropriate expertise is lacking, the responsibility for IT security remains entirely with the employees, who are often not sufficiently prepared for it.

In the interplay of all these factors, cyber criminals have an easy job of it: they can abuse insecure employees for their own purposes and attack weakened and stricken companies. They send emails that work on emotional manipulation and thus manage to provoke clicks – often with serious financial consequences.

[Image: Phishing during the crisis via collaboration tools]

Cybercrime and Corona: The crisis within the crisis

A survey conducted by the DIHK (German Chamber of Industry and Commerce) showed that four out of five German companies expect significantly lower sales this year due to the Corona crisis. Cyber criminals sense their chance in such situations – they know exactly which companies are vulnerable to phishing and other cyber attacks during the crisis. The travel industry, for example, has been hit particularly hard, with a 95% drop in sales. So for the tourism company CWT, the hacker attack came at a very bad time. This is precisely why companies should take preventive IT security measures at an early stage to avoid serious damage in the midst of an already tense situation.

Smaller companies also fear a decline in sales by more than 50%. To put these figures into perspective: A successful phishing attack causes expenses that must not only cover the loss of operations, but also the repair of the damage. According to an exemplary calculation by BITKOM, a company with an annual turnover of 20 million Euro can expect costs of more than 6.5 million Euro. Ransomware brings enterprises already stricken by the crisis to the edge of their existence.

[Image: Cyber attacks during the crisis]

Creating awareness to prevent phishing in times of crisis

Companies can minimize this enormous financial risk by sensitizing their employees preemptively to IT security and thus preparing them for potential cyber attacks. Damage occurs only when someone interacts with a phishing email. Awareness training reduces click rates by 50-70%, which also minimizes the potential damage by more than half. With a digital awareness solution, companies can, therefore, save costs without the need for additional internal expertise or capacities, and can train their staff continuously and effectively, even in remote work mode. SoSafe, for example, offers a fully automated training platform for this purpose, which trains employees in a time-efficient manner and helps them to protect themselves even when working remotely. In this way, employees actively reduce the risk, making them an active part of the company’s defense against cyber attacks.

About SoSafe

SoSafe’s awareness platform continuously sensitizes and trains employees in dealing with the topic of IT security. Phishing simulations and interactive e-learnings teach employees, in an effective and sustainable way, what to pay particular attention to when using e-mails, passwords or social media. The company receives anonymous but differentiated reporting and can make awareness building measurable – completely GDPR compliant.