Cybercriminals Targeting Vulnerable Businesses in the Wake of Natural Disasters: What Businesses Need to Know

When your business is affected by a natural disaster, you likely anticipate damage to your physical property and materials or disruption to your power and other utilities. Unfortunately, there’s another serious threat that accompanies natural disasters: cyberattacks.

Cybercriminals often take advantage of the turmoil caused by natural disasters to exploit vulnerabilities and launch malicious attacks. From hurricanes and tornadoes to pandemics and wildfires, these catastrophic events disrupt business operations, strain resources, and create opportunities for attackers to strike.

To safeguard against the potential cyber risk accompanying natural disasters, businesses must understand the unique risks associated with such events and take preemptive actions to protect their digital assets, maintain operational continuity, and mitigate the impact of attacks during times of crisis.

Why Cybercriminals Take Advantage of Natural Disasters

The disruption and damage of natural disasters stretch businesses’ resources thin, leaving little to no capacity for cybersecurity. This creates an appealing target for cybercriminals seeking financial gain.

The state of confusion and anxiety that results among employees and management during and after a disaster often creates a sense of urgency to restore business operations. Cyberattackers can capitalize on this disorder by attempting to trick employees into making impulsive decisions, like clicking malicious links posing as relief organizations, such as FEMA, state and local government, or even their insurance company offering assistance.

Beyond opening the door to social engineering attacks, catastrophic events can result in infrastructure damage, power outages, and network disruptions, exposing businesses to unexpected vulnerabilities that cyberattackers can exploit. In the aftermath of a natural disaster, businesses may inadvertently expose sensitive data or compromise network security while focusing on recovery efforts. Cyberattackers can use this opportunity to steal valuable information, commit identity theft, or deploy ransomware attacks.

5 Measures to Secure Your Business After a Natural Disaster

If your business finds itself caught in a natural disaster, you need to react immediately and strategically to secure your attack surface. These 5 tactical cybersecurity measures can help guide your incident response to mitigate risks and protect critical assets:

1. Communicate Effectively With Employees: During recovery, clear communication is essential to prevent confusion and maintain security. Provide your team with precise instructions on accessing systems securely and reporting any suspicious activity. Remind them that cybercriminals may exploit the chaos through social engineering tactics like phishing emails or texts disguised as disaster relief efforts. Equip your employees with the knowledge to recognize and avoid these threats.
2. Secure Your Physical Locations: If your facilities have sustained damage, it’s crucial to safeguard access to sensitive physical assets like servers and employee workstations. Unauthorized access to damaged infrastructure can compromise your entire operation.
3. Assess System Integrity: After a natural disaster, assess the health of your critical infrastructure, such as servers, routers, and hardware. Any physical damage could leave vulnerabilities that attackers may exploit. Additionally, ensure that your internet connectivity and network infrastructure are stable and fully functional. Expect that internet services may be intermittent or slow during recovery, so keep alternative communication methods like phone, radio, or SMS available as backup.
4. Coordinate with Key Third Parties: Collaborate with your managed security providers, insurers, and key vendors to reassess your threat landscape. If you rely on cloud services, confirm that your provider’s systems are secure and there’s been no data compromise during the disruption.
5. Verify the Integrity of Your Backups: Check that all critical data backups are intact and free from corruption or damage. Ensure they remain isolated from the primary system to prevent the spread of ransomware or other threats. A secure backup is your best defense against data loss.

How to Prepare Your Cybersecurity for Future Natural Disaster Events

To prepare for future natural disaster events, businesses can take proactive measures to enhance resilience and protect against cyberthreats. Here are some strategic steps businesses should consider:

Employee Training and Awareness: Provide regular training to employees on cybersecurity best practices, disaster response protocols, and how to recognize and respond to cyberthreats during emergencies. Conduct simulated exercises and drills to test employees’ readiness and responsiveness to cyber incidents that may occur in the context of a natural disaster.

Risk Assessment and Incident Response: Conduct a comprehensive risk assessment of your business and all third-party vendors and partners to identify potential cybersecurity risks associated with natural disasters. Establish a formal incident response plan outlining roles, responsibilities, and response procedures for managing cyberthreats in emergency situations. (If you’re an At-Bay customer with Embedded Security, our Advisory Services team can assist you in developing an incident response plan). Additionally, implement contractual requirements for vendors to maintain cybersecurity standards.

Secure Infrastructure and Data: Implement robust cybersecurity measures like endpoint detection and response (EDR) or — even better — managed detection and response (MDR), which will continue to be managed by an external provider even when your team is unavailable or overburdened. Use cloud-based services and data backup solutions to ensure data resilience and availability in the event of physical infrastructure damage. Properly configured and regularly tested backups (ideally cloud-based) should be a foundational part of your organization’s cybersecurity strategy.

Cyber Insurance Coverage: Cyber insurance coverage can help mitigate financial losses and liabilities resulting from cybersecurity incidents and data breaches that may occur. If you haven’t checked on your coverage in a while, speak with your insurance broker to make sure you have the cyber insurance coverage that you need.

Security Posture Maintenance: Conduct regular testing of cybersecurity controls, disaster recovery procedures, and incident response plans to ensure they are effective and up to date with evolving threats and technologies. Stay informed about emerging cybersecurity trends and technologies that can help enhance the organization’s cyber resilience in the face of natural disasters.

By adopting a proactive and holistic approach to cybersecurity preparedness, businesses can strengthen their defenses, minimize disruption to operations, and safeguard their assets and data against cyberthreats during future natural disaster events.

Need Cybersecurity Support? Talk to a Cyber Advisor

Cybersecurity advisors and consultants can provide guidance on emerging threats and effective risk management techniques. Their expertise can be invaluable in disaster preparation, recovery efforts, and long-term cyber resilience. Continuous collaboration with these partners can help you adapt your risk management strategies to changing circumstances and maintain a proactive stance against cyberthreats. 

At-Bay Cyber and Tech E&O policyholders with Embedded Security have access to At-Bay Stance™ Advisory Services¹, a team of cybersecurity experts who can assess your cyber risk and provide actionable insights.

Schedule a call with At-Bay’s Advisory Services team to get started.

Footnotes

1. At-Bay Stance Exposure Manager and At-Bay Stance Advisory Services are available to policyholders via the Embedded Security Fee and corresponding Embedded Security Endorsement, as shown in Policy’s Declarations. Please refer to the policy form for additional information.

These materials have been prepared by At-Bay for informational purposes only.