What's the link between cyberattacks and natural catastrophes?

Cyber needs to play a key part in business strategy

In the aftermath of a natural disaster, such as a storm, wildfire or earthquake, businesses enter crisis mode. It’s in this period, when leaders are scrambling to deal with damage or losses, that cyber criminals are likely to strike.

Natural catastrophes can set the stage for cyberattacks because they leave people and organizations vulnerable, warned Mark Hubbard, SVP – IT, First Onsite Property Restoration.

Threat actors are seizing such opportunities to launch well-timed attacks. “They take advantage of the fact that there is tension in the organization and attention is focused on recovering from a catastrophic situation,” said Hubbard.

Aside from impacting businesses, cyber criminals could prevent first responders, utilities, or government agencies from mobilizing after the disaster, creating a domino effect of misery.

It’s critical that all organizations include a cybersecurity plan in their overall disaster recovery strategy, Hubbard told Insurance Business.

“The plan should not only cover the technology infrastructure that’s in place to support the business, it should also cover the business processes of the organization and the employees executing those business processes,” he said.

“[Cybersecurity] should be part of an end-to-end business plan around disaster recovery.”

What types of cyberattacks are likely to occur following a natural disaster?

Natural disasters create footholds for cyber criminals to hack IT systems, according to Hubbard. Ransomware attacks, data breaches, and social engineering attacks are common weapons used to infiltrate vulnerable organizations.

When a storm causes IT infrastructure to fail, for example, an organization might begin running from their back-up systems. But if these systems don’t have robust protection in place, they become open to data breaches.

“They back up their data to be able to run from a disaster recovery site, and that’s where we would see some of the data breaches come from,” Hubbard said.

“If an organization’s strategy doesn’t include encrypting their backups, and they’re trying to get that data to another location, they may unintentionally lose data along the way.”

Additionally, employees might be distracted or emotionally distressed following a disaster, making them more likely to fall for social engineering attacks or click on phishing links, Hubbard warned.

“People are more apt to fall for those threats because they’re just trying to do whatever they can to recover from the situation,” he said.

What should organizations do to prevent cyberattacks amid natural disasters?

Prevention and preparation are key to keeping businesses and individuals protected from cyber threats during a catastrophe.

One of the first – and best – steps leaders can take to prepare for cyber incidents is to test their business continuity and disaster recovery plans, according to Hubbard. These plans should be created and communicated well in advance of any threat and include employee education.

“Testing their back-up systems, ensuring they’ve got adequate plans in place, and doing tabletop exercises: these pre-planning processes are extremely important,” he said.

“They take some pressure off you [in the event of a disaster] because you’ll know who’s doing what, who you need to call, and how you need to respond.”

Employees should be reminded to monitor credible news sources and have their guard up when assessing emails or links that look suspicious.

In terms of infrastructure, organizations should have intrusion detection measures in place across systems, including back-ups, he suggested.

“It’s important to know your technology ecosystem so that you can rebuild or recreate that environment safely, making sure you’ve got controls in place around securely accessing your data and your system,” Hubbard said. “Recovering your infrastructure should be part of your recovery plan.”

The unpredictable and uncertain nature of disasters also means that recovery plans should allow some adaptability, added Hubbard.

“You need to have some level of flexibility because the catastrophic event might impact different parts of the business. You need to adapt to the situation that is emerging, but it should cover all your bases, including any third parties,” he said.

“You should have a good understanding of who those critical external partners are, the services they provide, and whether they might be impacted by [an event].”

The final component of a robust cyber risk mitigation strategy is cyber insurance, which Hubbard said is “absolutely critical” to empowering organizations.

“Cyber insurance helps you recover from the situation faster. It covers the costs of the actions that you need to take to get your business back up and running,” Hubbard said.

“While the requirements for getting cyber insurance are more stringent and premiums are going up, it provides organizations with the expertise and guidance to properly recover [from cyber incidents].”
