The news of the Silicon Valley Bank (SVB) collapse is everywhere right now, and with it has come much speculation about what should have been done to prevent it, the fallout it will or won’t cause, and much more.
We’re not going to weigh in on any of that.
We do want to share some thoughts about the cybersecurity implications of what’s happened and offer some words of caution.
Malicious threat actors love a good frenzy, a crisis they can capitalize on and exploit to carry out an attack. This is where digital health leaders and entrepreneurs, whether they are SVB customers or assumed to be, should be on high alert.
50% of US venture-backed tech and life science companies bank with SVB and countless VC firms; with a target audience this size, a malicious actor doesn’t need to know who is affected and who isn’t-they can just start guessing. They don’t need everyone to fall for their antics, just an unfortunate few. And because SVB customers include many digital health and medical device companies, patient data is potentially at risk.
Here are some ways you can and should expect bad actors to start exploiting the fear and panic surrounding the SVB collapse.
Misinformation: It isn’t hard to make information look official. Don’t believe everything you read right now. Whether it’s the crash of other banks, emergency funds and banking services available to you, or any number of other messaging-operate out of suspicious default. Assume everything is fake until you verify through a reputable source.
Social Engineering: This is where we’re expecting to see a lot of malicious strategies. Here are three types of social engineering to be on the lookout for:
- Phishing emails: The FBI’s Internet Crime Complaint Center’s Internet Crime Report 2022 reports phishing is the top cybercrime of 2022. It only takes one person to click on link in a phishing email and open your network to a malicious threat actor. Similarly, your employees should be on the lookout for personal phishing emails aimed at getting their personal banking credentials, etc.
- Fake social media accounts: this is a common strategy of malicious threat actors, created to lure people into giving their personal information to someone that looks official or legitimate but isn’t.
- Fake CEO emails or text messages: this tactic can be incredibly effective to a staff that isn’t educated, prepared, and vigilant. When your CEO emails you and asks for something, no matter how crazy it seems, it’s easy to take action without thinking. It often starts with, “I need a favor right now” or something similar and can quickly expose your organization or an employee’s personal credentials.
Be Vigilant: You can take action right now to help protect your organization, employees, and patient data with just a few simple steps:
Communicate with your employees. Starting with whether or not your organization has been affected by the SVB collapse and the developments over the past few days. Don’t assume that because you ingest the news regularly that your employees do the same-they may not be aware that all deposits have been backstopped and that companies have access to their funds. Don’t let them wonder and worry; it makes them more likely to fall for a phishing email or fake CEO email.
Educate your employees. Events like the SVB collapse are a paradise for scammers and malicious threat actors. Educate employees to know what to look for, how to verify information, and that the leadership team should never ask for sudden favors or financial information via email or text.
Engage your cybersecurity partner. Don’t assume your cybersecurity partners are on high alert on your behalf. Make sure you and your Security Operations Center are paying extra attention to failed logins, multi-factor authentication failures, and alerts. If you don’t have someone managing endpoint detection, firewall, logs, or actively threat hunting for you, now is a good time to consider engaging a partner.
Stay vigilant with your vendors. A vendor breach can quickly become yours. Your vendors are just as likely to be targets of all the above threats as your organization is, be sure you have insight into the threats that may exist along your supply chain.