In his 2003 book “A Mathematician Plays the Stock Market,” John Allen Paulos stated, “Uncertainty is the only certainty there is, and knowing how to live with insecurity is the only security.” That sentiment rings particularly true at this moment in time, as we face an unpredictable future and grapple with the ongoing COVID-19 pandemic. Businesses in the U.S. are attempting to weather a recession spurred by the coronavirus outbreak, with no clear idea of when the public health crisis will abate and the economy will bounce back.
The situation is especially challenging for small and midsize businesses (SMBs) with fewer resources to draw on to stay afloat during the economic downturn. Of those polled by the U.S. Census Bureau for the Sept. 6-12 Small Business Pulse Survey, 44.5 percent said the pandemic has had a moderate negative effect on them, while an additional 30.9 percent reported a large negative effect.
At the same time, scammers have seized this opportunity to exploit people who are already distracted and stressed by the effects of the pandemic. Businesses must not only worry about the spread of coronavirus but also prevent malware from infecting their networks as COVID-19 inspires a surge in cybercrime.
How COVID-19 Has Complicated Cybersecurity
After the new virus began to spread around the world, fraudsters wasted no time in cooking up new COVID-19-themed schemes. In April, the U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) issued a joint alert warning that malicious cyber actors had launched phishing campaigns, fraudulent domain names and other types of IT security threats with mentions of COVID-19 as lures to trick their targets into downloading malware, supplying their credentials or otherwise opening the door to private networks.
In the months since then, the onslaught of pandemic-inspired cybersecurity threats has continued. Hackers have sought to exploit vulnerable Virtual Private Networks (VPNs) and other types of remote access infrastructure deployed by businesses looking to swiftly adapt to the new reality of their teams working from home: The CISA issued another alert cautioning that enterprise VPN usage could lead to data breaches without regular updates, patching, and multi-factor authentication.
In yet another alert sent out in August, the CISA sounded the alarm about a malicious actor sending out emails with a link that spoofs the Small Business Administration (SBA) COVID-19 loan web page in an attempt to trick recipients into disclosing their SBA Economic Injury Loan portal account credentials. Phishing attempts have skyrocketed: In late April, Google’s Threat Analysis Group detected 18 million malware and phishing Gmail messages per day related to COVID-19.
Those phishing campaigns are also a common way to distribute ransomware, a type of malware that encrypts the victim’s files and demands payment in exchange for the decryption key, the CISA explains. This nasty IT security threat is now running rampant: Ransomware-related incidents were involved in 41 percent of reported cyber insurance claims in the first half of this year, according to a report from Coalition. On top of that, the average ransom payment rose to $111,605 in the first quarter of 2020, an 11 percent increase from the fourth quarter of 2019, Coveware has reported. With variants like Maze threatening to leak data if the victim doesn’t pay up, simply backing up your files isn’t an adequate ransomware defense anymore, either.
Overall, businesses attempting to protect their networks and secure sensitive data now face a more extensive and rapidly evolving landscape of cybersecurity threats than ever before – compounding the stress of dealing with an unstable economy and a future shrouded in uncertainty. If you could use help handling everything on your plate right now, it makes more sense than ever to partner with a Managed Security Service Provider (MSSP).
3 Key Reasons to Turn to an MSSP Right Now
Working with an MSSP made sense for SMBs even before the pandemic spurred a tsunami of cybercrime. Now that the public health crisis has complicated IT security risk management, there are even more reasons to join forces with a third party to protect your network and data. Here are just a few notable advantages to consider:
1. On-demand access to high-level cybersecurity expertise. By partnering with an MSSP, you can leverage the knowledge and skills of experienced security analysts and executives (e.g., through virtual CISO services) without having to invest the time and funds necessary to find and retain in-house experts.
2. Cost containment. By outsourcing cybersecurity, you can potentially lower costs in the long run due to the aforementioned reduction in staffing-related spending, in addition to avoiding the financial damages your business would experience in the event of a breach. The global average total cost of a data breach is $3.86 million, according to IBM.
3. Reduction of your overall business risk level. While an MSSP can’t control the risk associated with the tumultuous economy, we can measure and mitigate the risk cybercrime poses to your organization. This gives you some additional control over what happens to your business and creates more assurance of sustainability going forward.
In the end, partnering with an MSSP will ensure you have one less thing to stress over and ensure that you’re taking steps to exert as much control as you can over what happens to your business, even while facing an uncertain future. If you’re interested, Stratosphere Networks has a comprehensive MSSP offering that includes a wide range of advanced tools and services – from vulnerability assessments and compliance assistance to threat intelligence and management solutions. Just give us a call at 877-599-3999 or email sales@stratospherenetworks.com.
