Keeping your organization safe from data exfiltration and other growing cybersecurity threats

One law firm, eager to quickly switch to a remote workforce as the pandemic triggered stay-at-home orders and office shutdowns, pulled retired laptops and desktop computers from storage for employees to use. Another common response to teams no longer working onsite: allowing employees to connect to their desktops back in the office from home – exposing the system outside the firewall without using a VPN (Virtual Private Network). 

In both scenarios, though understandable given the quick turnaround companies faced in keeping operations moving in the early days of COVID-19, put businesses at higher risk for cyberattacks. Without proper safeguards in place, an organization is being more reactive than proactive – leading to its information technology environment being at risk of significant compromise.

About 60% of businesses already had a partial or full remote workforce in 2019, and this number has climbed significantly during the pandemic. At the same time, some 20,000 pandemic-related cybersecurity threats have been reported to the Federal Bureau of Investigation’s Internet Crime Complaint Center so far this year. 

Just as businesses everywhere have had to reassess and adjust during the pandemic, so have so-called threat actors who are rapidly adapting malware and phishing attacks, finding ways to wreak havoc on companies’ IT environments. Sophisticated hackers are becoming especially clever and are capitalizing not only on greater numbers of remote workers, but also the public’s fears and vulnerabilities during these uncertain times.  

Data exfiltration

Cases of data exfiltration – a potentially devastating and costly cyberattack – are on the rise. Data exfiltration is a tactic that is used as a form of extortion during a cyber breach or ransomware event.  Exfiltration occurs when an individual’s or company’s data is copied, transferred, or retrieved from a computer or server without authorization.

While threat actors in the past would encrypt data from a company and ask for ransom before decrypting the information, they are leveraging new tactics such as double extortion. Now, they exfiltrate the data during the attack and make a copy off-site to extort money should the organization choose to not pay the encryption ransom, among other damaging moves against an organization. While we hear about large organizations – Michigan State University and Columbia College Chicago in recent times – any size company is at risk if their IT environment’s security and risk posture is unmanaged. 

Even accepted firewall protocols are sometimes unable to keep these threat actors at bay, as threat actors are hiding malicious activity within accepted firewall protocols which demonstrates not only the sophistication of these attacks but also the need for extremely proactive measures. It’s more critical than ever to advance monitoring techniques.

How to fight back

As organizations navigate the remote workforce landscape and consider risk outside of the four walls of their business, the following steps will help ensure a solid, safe, and secure IT environment:

Assess your vulnerabilities. Take a close look at your ‘crown jewels,’ or the sensitive data you have and why people would want it. What are the risks to your business should this information be shared outside your organization? Consider partnering to perform a vulnerability and penetration test along with a full risk assessment.  

Understand your current capabilities. What precautions have you put in place to secure your IT environment? What residual risks remain after those mitigating controls? This will help identify any gaps you may have in your current set-up and the required follow-up actions.

Plan for the gaps. Creating a plan to mitigate any gaps in protection, and putting that plan into action, is essential – and will help you stay ahead of potential problems. Remember, it’s always going to be cheaper to be proactive as opposed to reacting to an attack. Ransomware payments were up 33% in the 1st quarter of 2020 compared to the 4th quarter of 2019 and averaged $111,605, according to this article. This amount does not account for other business impacts such as loss of revenue, impact to brand and reputation, or regulatory fines for sensitive data types.  

Know that there’s no silver bullet. Managing and reducing risk over time is your best approach.

It’s a journey – an individual one – but you’re not alone. Just as competitive and financial risks are considered by an organization, so should cybersecurity risks. Each business is unique, as are their specific risks, which is why working with a trusted partner who understands the latest threats and your cybersecurity journey is so important. 

If you have any questions or concerns, contact our technology solutions team today at 616.222.9400, via email or at rehmann.com. We’re here to help.

Published in Cybersecurity

Meet The Rehmann Team

Start typing a name ...
Searching for "{{nameQuery}}"...
Start typing an experience ...
Searching for "{{experienceQuery}}"...
Start typing a location ...
Searching for "{{locationQuery}}"...
Or view a list of team members

get rehmann expertise to drive your business in your inbox every week