There is a painting that used to hang in the Groninger Museum in the Netherlands, the only one in its collection by the master who created it. It shows an elderly lady as she pauses in her garden, faintly smiling, an old church in the distance, surrounded by a landscape with the hazel and olive drabs of earliest Spring.
A few months after it was painted, Alaska would become a US territory, Mark Twain would write The Adventures of Huckleberry Finn, the cornerstone for the Statue of Liberty would be laid and the Washington Monument would be completed. It was a year of economic panic amidst the Gilded Age, a brief setback during a longer period of rapid economic expansion and wage growth in America.
The year was 1884, and the painting is Vincent Van Gogh’s The Parsonage Garden at Neunen in Spring. And it is now missing.
An example of Van Gogh’s early work, it had been on temporary display at the Singer Laren museum in Laren, near Amsterdam. It was stolen in the earliest hours of an early Spring morning. But it wasn’t a regular morning – it was a morning during the COVID-19 outbreak.
There’s nothing criminals love more than a big distraction and a lot of confusion.
The art thieves are at-large and details have not yet emerged on how precisely the heist was planned. It’s not known whether it was a sophisticated operation, or simply a case of “smash and grab.” And while the details of the museum’s security regimen haven’t been shared, the theft certainly is coming at a time when many organizations’ processes have become ad-hoc. Indeed, the theft has been classified as “opportunistic” as authorities are now entrenched in the forensics phase of investigation.
Most people and organizations aren’t too worried about protecting a famous work of art, but chief information security officers that read this are already nodding and recognizing the type of risk they’re standing down right now on a daily basis. General counsels are leaning forward as well. They know they have plenty to protect.
All these people working from home, all these carefully planned systems and processes being suspended – so much of an organization’s resilience right now relies upon the quality of its cybersecurity posture.
The news on cyber is not good. Phishing attacks and hacking campaigns are on the rise. Criminals are stepping up ransomware and DDoS attacks. They show no sign of conscience. Even cyberattacks against hospitals have significantly increased as hackers seek to maximize profits.
And the cybercriminals aren’t just smashing and grabbing the Van Gogh – they’re leveraging the lower level of vigilance to establish more complete access so they can steal the rest of the treasures later. Sleeper cells of bad actors may evade detection during too-cursory remediation, persist on a network for months or even years on end, and continue to silently laterally move to coveted accounts and users, spying on business activity, install malicious tools, or even exfiltrate data. According to Booz Allen Hamilton, cybersecurity dwell times may have been as long as 250 days before discovery before the COVID-19 outbreak, begging the question as to what is happening amidst the confusion of work from home. These aren’t bored geeks in their basements – these are organized groups and even nation states. Ransomware groups are so successful right now in locking up systems and ceasing victims’ operations that they are trying new experiments in ‘customer service.’
Unquestionably, criminal opportunism has risen along with the threat of coronavirus, and it’s translated into a host of risks for nearly every organization. At the forefront is the current risk of cyberattack. With any downtime or data loss comes a serious risk to reputation. During a period in which organizations may already be sending difficult messages to employees, customers and investors, a cyberattack could be staggering.
“All the fear and uncertainty surrounding COVID-19 plays into the hands of exploitative cybercriminals, scammers and nation state threat actors,” adds 4iQ Vice President of Marketing Claire Umeda. “Everyone is at a heightened risk, not just from a health standpoint, but also from a cyber security perspective. To help mitigate these threats, it is imperative to be extremely cautious in both your professional and personal online actions. For example, phishing and malware emails are escalating. Double check the exact spelling of sender domain email addresses not just the name displayed before responding or clicking on links or opening attachments. Right now, all organizations should be frequently educating their employees on the variations of attack trends, doorways of compromise and how to avoid being a victim.
Amid the COVID-19 crisis, it is more critical than ever that organizations plan in advance for the possibility of outage and data loss as a result of criminal cyberattacks. A complete cybersecurity incident response plan includes not only technical personnel and plans but also communications protocols to ensure cross-organization coordination and collaboration throughout the crisis. Tabletop exercises and other simulations led by communications professionals will test the effectiveness of the incident response plan, and many organizations may find the current work-from-home orientation to be an especially important and effective simulation scenario. In any case, establishing trusted technical, forensic, legal and communications partners in advance of any cyber incident is vital to the swiftest and most competent response.
The good news is that organizations that put the best resources in place recover quickly from cyber incidents. When leadership can communicate to key customers, partners, investors and employees that protections were in place, best practice has been followed and the organization has planned for all contingencies, constituents nearly universally support the brands that have been victimized.
One more datapoint to share – in recent decades, 28 paintings by Vincent Van Gogh have been stolen in the Netherlands. The good news? All 28 have been recovered.
Ian Lipner is an award-winning communicator known for instilling trust in innovation. Counted upon for practice innovation and pragmatic futurism, he counsels both global leaders and new disruptors through periods of rapid change. Ian brings senior leadership experience to client and agency teams, helping enunciate differentiation and demonstrate authenticity.