COVID-19 and Data Security

The COVID-19 pandemic has significantly increased cyber risk exposure to both companies and individuals. Hackers and cyber extortionists utilize emergent situations such as a pandemic to prey upon unsuspecting consumers and businesses seeking information. Skeleton crews at the office and the general distraction of the developing COVID-19 situation create windows of opportunity for social engineering tactics such as phishing. The sudden shift to a remote workforce opens endpoints to attack through home office equipment which firm IT departments have little control over. These vulnerabilities have fueled the proliferation of ransomware attacks. The hacking ring known as Maze has deployed a new tactic called double-extortion ransomware, which involves not only encryption of data, but disclosure of a company’s private information on the Dark Web if the ransom is not paid. Health care providers and law firms have been significantly impacted by this new threat by virtue of their ethical and legal obligations of data privacy. The members of Kightlinger & Gray’s Data Security Practice Group monitor the latest trends and governmental cybersecurity alerts to stay informed and prepared to assist clients that face the threat of litigation as a result of a cyber-attack or data breach.