At the outset of the COVID-19 pandemic, millions of organizations were forced to quickly learn how to operate remotely. For some, the shift to working from home was already happening on its own, but it is estimated that the pandemic accelerated the change by up to seven years.
At the same time, the urgency of the pandemic and the need to quickly adapt to remote working has deterred many businesses from treating cybersecurity as a priority. Criminal hackers have taken advantage of the economic and political challenges presented by the pandemic, targeting critical supply chains among many other things.
Here, we explain what these changes mean for nonprofits: how the changes brought about by the pandemic create more opportunities for cybercrime, the role of human error and the importance of educating your team, and why these changes are here to stay. We also highlight some great tools that can help to protect your data and reduce the risk of a cybersecurity break in your organization, allowing you to direct more time and resources towards supporting your community and focusing on your mission.
A New Era for Cybersecurity
As remote working becomes more sophisticated and more normal, so do the methods of criminal hackers. Just like all industries, cybercriminals are taking advantage of advances in technology to make their methods more effective. Up to 90 percent of cyber incidents succeed by exploiting human vulnerabilities, and so innovations in technology can also be used to create more opportunities to manipulate individuals. Machine learning, 5G technology, and artificial intelligence are all used to increase the odds of success for a ransomware or phishing attack. For example, AI technology could be used to automatically create personalized and realistic emails and evaluate the best targets. Machine learning helps to analyze human behavior and make these attacks more sophisticated. All of this increases the odds of catching a busy employee off guard and executing a successful attack.
Evolving technology, increased remote work, and ever-smarter cyberattacks — none of these will be reversed when the pandemic subsides, and all are likely to be a permanent feature of our lives as we work, shop, and communicate online. For this reason, investment in quality cybersecurity tools is incredibly important, and will remain so for years to come.
Hackers aim to exploit their victims' cognitive biases: the areas in which their subjective reality deviates from rational judgment. They might attempt to tap into someone's authority bias, for example, by addressing an email from the person's boss. The most common cognitive bias used by hackers, however, is the halo effect. People tend to have a positive and trusting attitude towards brands they know, and so their guard is often down when they receive an email from such brands. A busy employee may not register minor telltale signs, such as a fake sender email or grammar errors. This could lead the employee to click a link, download a file, or share logins, allowing the hacker to access confidential data or install malicious software on the employee's computer.
Ransomware and phishing attacks remain the most common forms of cybersecurity threat, with phishing accounting for 80 percent of incidents, and malware attacks increasing by almost 400 percent last year. Ransomware attacks are relentless, with a victim every 10 seconds in the United States, and cost American businesses billions of dollars every year. But the problem is a global one — a fact that's illustrated by the recent creation of an international Ransomware Task Force (RTF).
The success of ransomware attacks relies upon individuals and businesses failing to properly educate their staff and protect their information and their organizations. Hackers only need one human error in order to gain access to data that could be used to launch a full-scale attack. Although we are now moving slowly out of pandemic restrictions, our newfound dependence on technology and the resultant vulnerabilities are here to stay.
Veritas: An Added, Necessary Layer of Protection
To avoid ransomware attacks, a key strategy is to educate your employees on spotting the signs, to keep antivirus software updated, and to back up your data using the 3-2-1 rule. This rule suggests that you have at least three copies of your data, saved across at least two types of media, with at least one of those copies saved offsite.
For a reliable data backup system, Veritas Backup Exec is an effective and easy-to-use option. It allows you to back up multiple servers simultaneously and easily recover your data in the event of a breach. An intuitive interface makes it accessible, simplifying the setup and configuration process. A range of storage options means that it is suitable for most organizations' needs.
Perhaps a better fit for organizations of fewer than 50 employees is Veritas System Recovery. This program specializes in whole-system recovery, enabling you to restore your entire database to the same or a different hardware system or to a virtual environment. In the event of a data breach that renders your entire system inoperable, Veritas System Recovery is an effective and affordable solution.
For great deals on Veritas software, check out Veritas for Nonprofits.
Educate, Prevent, and Protect
Cybersecurity has never been more important. We work, shop, and look after our money online, and every point of contact provides an opportunity for hackers to infiltrate. In this new era of cybersecurity threats, access to effective and affordable software is critical for nonprofits, who often hold their clients' and funders' personal information and operate on limited resources. TechSoup has partnered with industry-leading companies such as Veritas to provide great discounts and donations of their services for nonprofits, making vital cybersecurity systems affordable for even the most stretched budget. By investing in cybersecurity, you can protect your organization, your employees, and your communities from the ever-increasing risk of malware and phishing threats.