The former head of the US National Security Agency has warned that the coronavirus pandemic has significantly increased cyber risk, with companies likely to face a growing number of attacks.
Michael Rogers said risk has increased due to so many people working from home rather than in offices, which have better cyber protection.
Mr Rogers was head of the NSA, the US government agency in charge of cyber security, between 2014 and 2018.
He is now on the board of directors at CyberCube, which advises insurance companies about cyber risk.
Speaking to the Financial Times, Mr Rogers said: “Remote access is being executed on a level that is nowhere near the historic norms of the past, and that’s pretty much across all business sectors,” he said, adding that the use of the same infrastructure for work and personal purposes was increasing the risk.
He also warned that people searching for coronavirus-related information could inadvertently let hackers into their data and systems.
“There’s a much greater propensity among user populations now to access links or respond to emails that they believe are making them smarter about Covid,” he said. Roughly two-thirds of successful attacks, he said, originated with “spear phishing” emails in which users click on links or images in an email.
Mr Rogers said ransomware attacks were the “poster child” of the growth in incidents.
These involve a hacker accessing and encrypting company data, and only releasing the decryption key if money is paid. According to insurer Beazley, ransomware attacks jumped 25 per cent in the first quarter of this year compared with the fourth quarter of 2019. “Attackers are finding they have . . . a higher probability of success,” said Mr Rogers, as there was an increased willingness among companies to pay ransoms.
The US Treasury last month warned that companies making ransomware payments could breach sanctions regulations.
Mr Rogers is not the only former security leader to have raised warnings recently about the future cyber crime threat. Robert Hannigan, former head of GCHQ and former number 10 security adviser in the UK has raised concerns about the potential for increased cyber crime via the Industrial Internet of Things.
Robert Hannigan will be speaking on the future cyber threat landscape at PrivSec Global, a live streaming event, on 1 December. Click here for more
Registration now OPEN for PrivSec Global
Taking place across four days from 30 Nov to 3 Dec, PrivSec Global, will be the largest data protection, privacy and security event of 2020.
Reserve your place today and gain access to the entire event free of charge. With all sessions available to view live or on-demand, you can build a personalised agenda based on your key focus topics and make the event fit around your work schedule.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.