Cyber risk heightened due to Covid-19 remote working; Aon

Companies are at increased risk of cyber attack while employees are working from home, according to the professional services firm, Aon.

It says the surge in remote working has seen unprecedented amounts of traffic accessing company networks remotely and home devices are emerging as a weak point in the security chain.

Many employees are accessing sensitive data via unsecured networks and devices, putting both the business and its reputation at risk, it warns.

"We are seeing a rise in cybercriminal activity and the numbers looking to exploit the fear caused by the current crisis," Rory Moloney, Global CEO of Aon Risk Consulting, said. 

"They're targeting vulnerable employees. Leaders need to make their staff aware of this risk and enhance their resilience," he added.

Among the steps he recommended putting in place to reduce exposure include the use of sophisticated virtual private networks (VPNs) to ensure safe access to sensitive company data and the running of simulated spear phishing campaigns to demonstrate how resilient systems are to such attacks.

We need your consent to load this rte-player contentWe use rte-player to manage extra content that can set cookies on your device and collect data about your activity. Please review their details and accept them to load the content.Manage Preferences

Spear phishing attacks, which generally come in the form of a fraudulent email to induce the target to reveal their financial details, have become more prevalent and sophisticated during the coronavirus outbreak.

"Malicious actors are taking advantage of the fear created by the virus. These emails typically contain unsafe attachments which purport to offer information about the outbreak or updates on how to remain safe," Mr Moloney said.

He said it was imperative that businesses keep pace with the complex and changing set of cyber risks they now face. 

"Far too often, cyber becomes a priority only after a cyber incident has occurred. To better prepare against attack and risks, companies need to continually assess their risk profile, identify any gaps in their systems and proactively manage their defence," he concluded.