Understand how you can proactively protect your business from increasing cyberattacks.
Lori Tuffield and Mike Peterson
As a result of COVID-19, remote work has become much more common, reducing company expenses and relieving many employees of their daily commute. But another side effect has been the rise in cyber threats. Attempted fraud and cybersecurity attacks have skyrocketed, many of which exploit remote workers and the computer systems required to accommodate them.
These threats can be costly. According to the US Department of Justice, the average ransomware demand exceeded $100,000 in 2020, and sometimes demands can amount to tens of millions of dollars. So, it’s critical that businesses protect themselves.
Phishing and malware attacks surge to record highs
Malicious phishing emails targeting remote workers rose 667% during the height of the pandemic in 2020. The 2021 Payments Fraud and Control Survey, conducted by the Association for Financial Professionals (AFP), indicates that 80% of companies with revenues of $1 billion or more have experienced attempted or successful payment fraud. Even for companies with revenues under $1 billion, that figure is 67%.
Ransomware attacks have also increased in recent years. In April 2021, cyberattackers shut down Colonial Pipeline, forcing the company to pay $5 million in ransom. In July 2021, Kaseya, an IT solutions company, paid $70 million when ransomware targeted a product that enables their clients to manage their computer networks. Through June, attacks in 2021 numbered more than 305 million, more than all of last year. [1]
Ransomware growth by quarter

| Quarter | Global cyberattack volume |
| --- | --- |
| Q1 2020 | 59,624,638 |
| Q2 2020 | 61,758,817 |
| Q3 2020 | 78,362,186 |
| Q4 2020 | 104,893,366 |
| Q1 2021 | 115,792,994 |
| Q2 2021 | 188,902,580 |

These threats are likely to increase, according to experts, in part because making an attack is becoming easier. A Russian organization that goes by the name Darkside, which was behind the Colonial Pipeline incident, offers “ransomware as a service,” in which other attackers can rent out prewritten ransomware. [2]
Business email: A crack in the system
Email systems appear to be particularly vulnerable. More than 62% of cyberattacks were attempts on email systems, according to the AFP survey. The process often involves spoofing a company’s domain in order to impersonate key executives. Spoofed emails are then sent to employees with access to critical information and payment processes.
The Federal Bureau of Investigation (FBI) reports that organized crime groups are now involved as well. They learn as much as they can about a company’s business using readily available information. With that, they’re able to target a key executive, typically in the finance department, and make a fraudulent request sound plausible.
The FBI explains that some organized crime groups do this in 4 simple steps:
Business email compromise timeline
Step 1: Identify a target
Organized crime groups target US and European businesses, exploiting information available online to develop a profile on the company and its executives.
Step 2: Grooming
Spear phishing emails and telephone calls target victim company officials, typically an individual identified in the finance department. Perpetrators use persuasion and pressure to manipulate and exploit human nature. Grooming may occur over a few days or weeks.
Step 3: Exchange of information
The victim is convinced they are conducting a legitimate business transaction. The unwitting victim is then provided wiring instructions.
Step 4: Wire transfer
Upon transfer, the funds are steered to a bank account controlled by the organized crime group. Perpetrators may continue to groom the victim into transferring more funds.
Other fraudulent requests can take the form of:
A request from a vendor or supplier stating their banking account has changed.
A request from an employee asking to direct payroll to a new bank account.
An email from the bank asking for your credentials or stating that you need to do something differently to access a system.
How to fight back
Fortunately, businesses don’t have to sit by passively waiting for attacks to occur. There are many steps they can take to protect themselves, and at CIBC, we are ready to provide assistance. For example, businesses should require dual control for online banking and wire and automated clearing house (ACH) payments. They should also use ACH Positive Pay and Check Payee Positive Pay to help ensure that the payments made match the payments issued. Additionally, account activity should be reviewed daily and accounts should be reconciled in a timely manner.
Other best practices businesses should put in place:
By phone, verify any wire or ACH instructions using a number on file at your company.
By phone, verify any requests to wire or send funds via ACH, even if the request comes from an internal officer from your company. Make sure this policy is known to all team members.
Review your company’s approach for employees’ access to social network sites on company computers.
Train and test employees on anti-fraud best practices.
Ensure IT employs processes for running updated antivirus software and patches for operating systems, as well as system backup. Make sure that the backup is maintained independent from the main system.
Review insurance coverage, particularly for cyber fraud.
If you do have an incident of fraud, immediately contact your bank and insurance company. The insurance company may have you file a complaint with the Internet Crime Complaint Center (IC3).
Finally, consider using Trusteer Rapport, which is a security application that protects personally identifiable information such as user IDs and passwords or tokens. This app is free to download for all online banking users from the Trusteer Rapport webpage.
For more on how we can help protect your business, please visit our fraud prevention page. You can also reach out to us to have a conversation with our Treasury Management team. Lori Tuffield, Co-Head of Treasury Management, CIBC US Commercial Banking, can be contacted at 312-564-1267. Mike Peterson, Co-Head of Treasury Management, CIBC US Commercial Banking, can be reached at 312-564-1297.