With many employees working remotely during the COVID-19 response, their employers' networks and information systems are exposed to a much higher risk of hacking and ransomware. Governmental entities are a significant target for cyber criminals – and ransomware is their most common type of cyber attack. Cyber criminals usually deploy ransomware through phishing emails and by breaching poorly secured Remote Desktop Protocol (RDP) systems. RDP is very convenient for giving employees access to their work computers from home, but it can become a real liability if it is not set up with sufficient security elements.
Ransomware and Preventing Cyber Breaches* (linked below under "Documents") goes into some detail about how this happens and how to prevent it. Among other things, it explains how cyber criminals
- trick users into handing over secure information, and
- gain access to ("breach") Remote Desktop Protocol (RDP) systems that are not set up with proper security.
To maintain system security when working remotely, PACIF's partner for cybersecurity coverage* recommends that employees take additional measures to reduce the vulnerability of your IT infrastructure. They specify three important forms of protection:
- Train employees to recognize phishing attempts and to never click the links. Basic courses are available for PACIF members through the PACIF Online University.
- Ensure that employees can access their computer using a virtual private network. Multifactor authentication is a best practice and is highly encouraged.
- "Whitelist" the IP addresses that are allowed to connect via RDP. Every remote user – especially third parties – must set up unique credentials for access.
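One way to check the third recommendation against actual connection records, shown as an added example that does not come from PACIF or the Beazley document: the Python script below validates an IP allowlist and audits RDP logon records against it. The record format (`timestamp,account,source_ip`), the addresses, the function names and the `max_hosts` limit are all assumptions made for illustration, and treating an account seen from several addresses as possibly shared is a heuristic, not proof.

```python
import ipaddress
from collections import defaultdict

# Constructed allowlist using documentation-only ranges (RFC 5737), not real hosts.
ALLOWLIST = ["203.0.113.10/32", "198.51.100.0/28"]

# Constructed sample of RDP logon records: "timestamp,account,source_ip".
SAMPLE_LOG = """\
2020-04-02T08:01:12,jsmith,203.0.113.10
2020-04-02T08:05:40,vendor,198.51.100.3
2020-04-02T08:07:02,vendor,198.51.100.9
2020-04-02T09:14:55,clerk,192.0.2.77
2020-04-02T09:15:01,not-a-record
"""

def parse_allowlist(entries, max_hosts=256):
    """Parse CIDR entries; reject ranges so broad they defeat the allowlist."""
    networks = []
    for entry in entries:
        net = ipaddress.ip_network(entry, strict=True)
        if net.num_addresses > max_hosts:  # e.g. 0.0.0.0/0 allows everyone
            raise ValueError(f"allowlist entry too broad: {entry}")
        networks.append(net)
    return networks

def audit(log_text, networks):
    """Report logons from outside the allowlist and accounts seen from
    more than one source address (a hint that credentials are shared)."""
    outside, malformed = [], []
    sources_by_account = defaultdict(set)
    for line_no, line in enumerate(log_text.splitlines(), 1):
        parts = [p.strip() for p in line.split(",")]
        try:
            timestamp, account, source = parts
            addr = ipaddress.ip_address(source)
        except ValueError:  # wrong field count or unparseable address
            malformed.append(line_no)
            continue
        sources_by_account[account].add(addr)
        if not any(addr in net for net in networks):
            outside.append((timestamp, account, source))
    multi = sorted(a for a, s in sources_by_account.items() if len(s) > 1)
    return {"outside_allowlist": outside,
            "multi_source_accounts": multi,
            "malformed_lines": malformed}

if __name__ == "__main__":
    for finding, items in audit(SAMPLE_LOG, parse_allowlist(ALLOWLIST)).items():
        print(finding, items)
```

Malformed lines are reported, not silently skipped, so a change in the log format does not hide connections from review.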
VLCT PACIF's recommendation is that you discuss these and other computer network security elements with your IT system vendor(s) to make sure your remote system operations are at least as secure as they would be when working from the office.
* Published in early 2020 by Beazley Insurance Company, Inc., a leading cyber liability insurer and PACIF's reinsurer for cyber liability coverage, this document is based on computer hacking and ransomware claims filed with Beazley in 2019.