The current coronavirus pandemic has created vulnerabilities in information technology that have led to an increase in data security incidents, cybersecurity lawyers say.
In a March 20 article in Law360, attorneys argue that “the spread of the virus that causes COVID-19 presents countless understandable reasons for employees not to have information security at the top of their minds.” But companies need to “double down on cyberdefense during the crisis, as the shift to remote work gives hackers more ways to infiltrate networks and to take advantage of potentially panicked staff.”
UB Law alumnus David F. Katz, J.D. ’99, a partner in the privacy, cybersecurity and data management practice at Adams and Reese LLP, reports that “Businesses have been trying to position themselves as engaged with their clients and consumers in order to remain relevant and be a resource, but the effect of that is that it has created so much content and communications.
“Hackers are taking advantage of this by hiding among those communications and creating very sophisticated forms of messaging that appear legitimate,” Katz says.
Experts suggest organizations protect their assets by requiring remote workers to use company-owned equipment and sign into virtual private networks, or VPNs. Employers should be “frequently patching their VPNs with the latest security fixes and using multifactor authentication as another layer of protection, the U.S. Cybersecurity and Infrastructure Security Agency warned in an alert sent to businesses last week.”
The agency suggested that organizations should embrace a “heightened state of cybersecurity” as they expand telework options — a mindset encouraged by attorneys advising clients who are fending off cyberattacks during this global pandemic.