[Skip to content]

Sign up for our daily newsletter
The Actuary The magazine of the Institute & Faculty of Actuaries

Cyber risks heightened by home working

Businesses could be at greater risk from cyber attacks as a growing number of people work from home in response to the deadly coronavirus. 

Working from home poses greater cyber risks ©iStock
Working from home poses greater cyber risks ©iStock

That is according to a briefing from Beazley Breach Response (BBR) Services, which warned that the two most common ransomware attacks are phishing emails and breaching remote desktop protocol (RDP). 

RDP enables employees to access their work computer desktops or company’s primary server from home, but the convenience comes with added risks if the technology is not secure.

Katherine Keefe, global head of BBR Services, said: “The coronavirus has forced many more employees to work from home, and it is very important that companies take the right steps to reduce the vulnerability of their IT infrastructure.

“Always ensure employees can access their computer using a virtual private network with multifactor authentication. 

“It is important to whitelist IP addresses that are allowed to connect via RDP, and make sure that unique credentials for remote access are in place – particularly for third parties.”

The briefing also reveals that the number of ransomware attacks reported to BBR by it clients increased by 131% in 2019 compared with the previous year. 

The sums demanded by cyber criminals also increased exponentially, sometimes reaching seven or even eight figures.

Keefe said that hackers have recently been carrying out a “two-pronged attack” on businesses by using ransomware variants in tandem with banking trojans such as Trickbot and Emotet.

This can leave organisations facing a debilitating impact on their critical systems and data being encrypted, combined with the added risk of data being accessed or stolen.

“Although these attacks can be damaging and complex, some of the most effective preventative measures are relatively simple,” Keefe continued.

“More than ever, organisations need to ensure their IT security measures are a top priority and up-to-date, that they have access to authoritative, experienced risk management advice, and, importantly, that employees are trained and alert to the potential threats.”

Sign up to our free newsletter here and receive a weekly roundup of news concerning the actuarial profession