The shift over the past year to remote work prompted a large increase in phishing and other cybersecurity threats during the initial months of the COVID-19 pandemic, according to a new report released Monday by Connecticut’s Public Utilities Regulatory Authority.
The annual Public Utilities Critical Infrastructure Report assessed last year’s cybersecurity vulnerabilities and policies of regulated electric, gas and water utilities. It found that utility company cybersecurity programs had to quickly scale up in order to enable employees to connect remotely and safely to company networks.
“In general, this massive societal shift to remote work prompted malicious actors as a whole to change priorities,” according to the report. It noted that while the frequency of ransomware attacks generally declined because schools, businesses, and other organizations stopped or scaled-back operations, more phishing attempts were made against personal accounts and systems, as well as virtual meeting platforms.
The report also found third party vendors that provide external services to utility companies remained vulnerable.