As Hurricane Milton approaches, companies should prepare for increased cyber threats.
Cybercriminals increasingly exploit the chaos surrounding natural disasters to launch phishing attacks and take advantage of security vulnerabilities.
Disaster recovery isn’t just about boarding up windows — it’s also about safeguarding the digital doors that cybercriminals are eager to exploit. By taking proactive steps, companies can mitigate their risk of falling victim to cyberattacks at one of their most vulnerable moments.
Natural disasters provide a perfect backdrop for cyberattacks because people are focused on their immediate survival, not necessarily on verifying the legitimacy of every link or email. During a disaster, there’s often an influx of fraudulent requests. Staying vigilant is key.
In addition to maintaining a holistic cybersecurity posture, companies should have business continuity and disaster recovery plans in place, and these plans should be reviewed and updated routinely. If an organization does not have these plans in place, they should contact an IT professional for assistance.
With Hurricane Milton set to make landfall, companies are bracing for more than just physical damage. There is a heightened risk of cyberattacks that often accompany natural disasters, urging businesses to bolster their defenses before it’s too late.
When companies are scrambling to manage disaster recovery, cybercriminals are watching closely, ready to exploit any weakness they can find.
The Cybersecurity & Infrastructure Security Agency (CISA) regularly issues warnings about data breaches and online fraud following disasters. In a recent alert, CISA stated that “fraudulent emails and social media messages — often containing malicious links or attachments — are common after major natural disasters.”
It is easy to forget to properly shut down or secure your digital infrastructure. If systems are left running without adequate security (such as encryption or multifactor authentication), cybercriminals or unauthorized individuals potentially could access sensitive information, either remotely or in person.
Please keep the following in mind:
· Impersonation of trusted entities: Phishing scams after disasters often impersonate government agencies or service providers, tricking users into providing sensitive credentials, which cybercriminals use to gain unauthorized access to company systems.
· Malware in phishing emails: Emails may contain malware — such as keyloggers or ransomware — hidden in links or attachments. Once installed, this malware can steal data, provide backdoor access for hackers, or spread across systems, leading to breaches.
· Spear phishing: Cybercriminals target specific employees, exploiting the chaos of disasters. These tailored attacks often prompt employees to download malicious files or enter sensitive information, giving hackers access to systems.
· Remote work vulnerabilities: During disaster-related remote work, cybercriminals exploit insecure networks, sending phishing emails that direct employees to fake portals for “disaster updates” or system access, potentially exposing login credentials.
· Impersonation of recovery services: Scammers pose as legitimate disaster recovery services, asking for corporate identification or financial details, which then can be used to breach company systems.
· Government agency impersonation: Phishing emails also may pose as government agencies requesting disaster relief verification, allowing cybercriminals to collect sensitive data and compromise company networks.
Securing an organization’s environment is a 24/7 endeavor, especially in disaster-prone areas like Florida, where hurricanes are a regular thing.
Companies should establish backup communication methods in case primary systems fail and remain alert to the risk of scammers using alternative communication methods to impersonate legitimate sources.
To further protect your operations, it is recommend secure backups for critical documents. This could include encrypted cloud storage and multifactor authentication to prevent unauthorized access to sensitive information. As always, contact us if you need any assistance.