Threat actors don’t just seek out security weaknesses. They look for situational vulnerabilities. Every holiday season, for instance, they come out of the woodwork to capitalize on the seasonal surge of retail transactions. Just as malicious actors use peak retail activity as a moment to attack, they also use the chaos wrought by natural disasters to their advantage.
Natural disasters don’t just knock out networks; they can also wreak havoc and sow confusion. Bad actors often thrive in the disorder, taking advantage of compromised security systems as well as frazzled leaders and employees who are more likely to fall for social engineering tactics. Consumers are also at higher risk, more susceptible to phishing scams in emergency scenarios. During these events, emergency infrastructure isn’t just overtaxed; it’s also vulnerable to cyberattacks. Hackers can target individuals, groups, or entire municipalities.
So what should individuals, businesses and public safety agencies keep in mind with regard to cybersecurity in the event of a natural disaster?
For businesses, preparation is critical to avoid becoming a victim of a cyberattack during these moments of crisis. Maintaining good governance and a strong security posture 24/7/365 is one of the best defense tactics. A few strategies to employ include:
Have an incident response plan
If you don’t have the right systems and procedures in place, the amount of damage a cyberattack can inflict may be significantly elevated during a disaster. Thwarting cyberattacks is always the goal, but you must be prepared for breaches. Systems must be in place to quickly identify security incidents so they can be quarantined before they grow into larger breaches.
Train your people now
According to the 2024 Data Breach Investigations Report (DBIR), the human element was involved in 68% of all reported breaches. In other words, one of the biggest cybersecurity threats organizations face is their own well-meaning employees.
For consumers, it is a different challenge: they are coping with high-stress situations and the health and wellness of themselves and their families. They often find themselves susceptible to schemes, but knowing to be on high alert during these moments can mitigate many of these threats.
Beware of vishing and phishing
One way threat actors take advantage of the confusion caused by natural disasters is to masquerade as a trusted person or organization offering assistance, whether by calling you (known as vishing) or through email (phishing) and text (smishing). If someone is charging for services that are supposed to be free, it is possible that they are attempting to coax sensitive information out of you or gain access to your device or network.
Require multi-factor authentication
In an emergency, it can feel counterintuitive to add another hoop to jump through by requiring multi-factor authentication (MFA). But this extra step has proven to be incredibly beneficial, helping to keep threat actors out of systems in a moment when login credentials could be easier to obtain. Requiring MFA across your organization, no matter the level of seniority, can help to prevent an even greater disaster.
Public safety agencies should be extra diligent
The pressure on public safety agencies and emergency services professionals ratchets up during natural disasters. It makes sense. Lives are at stake, after all. One could forgive them for thinking cybersecurity practices are trivial during life-and-death situations, but strict adherence to best practices like multi-factor authentication is crucial during disaster scenarios.
A lack of familiarity with social engineering tactics and cybersecurity best practices leaves workforces vulnerable to threat actors, especially during natural disasters that can disorient people. Such scenarios underscore the importance of having a workforce that is fluent in cybersecurity best practices, but educating a workforce takes time. You must communicate your cybersecurity policies and continually reinforce them. You must test your workforce with cyberattack simulations, and share the results along with insights and lessons. If you wait until disaster strikes, however, your workforce might not be ready.
It’s never too late to start planning
Threat actors gravitate toward disasters because they know people are often less diligent about adhering to security protocols during crisis situations. They’re distracted with other pressing matters, understandably so. There are measures you can take to counteract opportunistic threat actors, but your preparations should start now. By the time a disaster arrives, it can be too late. Start now, and begin with your people.