How Comcast Business is responding to the most prolific era of cybercrime and protecting its customers

Photo | Contributed Paul Savas.

Write a Comment

By Zachary Comeau

By all accounts, 2020 and 2021 have been some of the worst years for cybercrime as hackers pounce at the opportunities presented to them by the pandemic and a distributed workforce.

“It’s the year of the cyberattack,” said Paul Savas, vice president of Comcast Business, in an interview with the Hartford Business Journal.

Savas spoke about the sheer scale of recent cyberattacks that have had massive impacts, including the ransomware attack on Colonial Pipeline this spring that fueled price increases at the pump and caused some to stock up on gasoline.

The proliferation of cybercrime

According to cybersecurity firm Tessian, hackers were licking their chops at the opportunity to prey upon the health concerns of the general public immediately after the coronavirus outbreak. Phishing emails with a malicious attachment purporting to notify employees of a co-worker catching the virus became common.

Savas spoke about the sheer scale of recent cyberattacks that have had massive impacts, including the ransomware attack on Colonial Pipeline this spring that fueled price increases at the pump and caused some to stock up on gasoline.

From pipeline operators to municipal services, school districts and more – nobody is immune.

“Everybody has been a victim,” Savas said. “What predators do is they prey on situations, and a pandemic is a situation where there are lots of entry points in.”

One frequently observed attack over the course of the pandemic has been COVID-19-related phishing scams in which an email purports to be about vaccine information or testing kits only to deploy ransomware if a user opens the attachment or clicks a link. That compromise of one user can have drastic effects for the company’s entire network.

Leading IT vendor Cisco in a recent report said hackers are preying upon the remote workforce and the poor security posture of those employees, as remote workers have been singled out and targeted.

“Nobody is immune,” Savas said. “Lots of people are targeted, and bad actors will always try.”

Diligence and education

According to Savas, the solution boils down to taking this threat seriously. A successful ransomware attack not only impacts the IT network and slams on the brakes of any impacted organization, but it also impacts the relationship with its customers.

More importantly, that means lost revenue, and likely a sizable bill to mitigate the attack.

“That’s where the real impact is,” Savas said. “They can put you out of business.”

In addition to implementing security tools like multi-factor authentication, network segmentation and a Zero Trust network architecture, preventing cyberattacks also comes down to education.

According to the same report from Cisco, phishing attacks – which usually attempt to convince an unsuspecting user to click on a malicious link or attachment – are the entry point for 90% of data breaches.

Another recent report from cybersecurity software company Trend Micro attributed most security incidents to compromise of business email credentials.

Hackers are getting better at making these emails seem legitimate, including company branding and good grammar that make them appear harmless.

Comcast Business makes cybersecurity a priority

That’s why Comcast employees are subjected to regular training and awareness, to the point where Savas admits he may be overly cautious by asking the company’s IT and security professionals about the legitimacy of emails.

“It could be something that came from a really good bad actor, but it happened to be something that actually was internal,” Savas said. “But I’d rather be safe than sorry.”

As an internet service provider trusted by local small- to medium-sized businesses, as well as national enterprises, cybersecurity is part of the culture at Comcast Business.

“As a premier technology company, we invest in resources that you would expect to secure a really critical network,” Savas said.

One of those security products is Comcast Business Security Edge, a solution designed to protect against threats like malware, ransomware, phishing and botnet attacks by blocking access to suspicious websites and preventing employees from clicking on malicious links.

According to Comcast, this solution can help protect any device connected to the corporate network, including PCs, laptops, tablets and smartphones.

Another Comcast Business security solution is Advanced Security, a tool designed to integrate with Comcast Business SD-WAN that includes options for on-premises security or cloud-based security.

Other Comcast Business cybersecurity solutions can help prevent DDoS attacks and help secure a remote workforce. This includes Comcast Business Distributed Denial of Service (DDoS), a subscription-based offering that proactively detects DDoS attacks, alerts customers when an attack is under way and enables the means to mitigate attacks.

For both itself and its customers, Savas said Comcast makes cybersecurity a top priority. The safeguards in place may present as a minor inconvenience, but the company values the privacy and security of its customers’ data over anything else.

“We make sure that we’re always securing our customers’ information, so a couple extra steps for them to jump through is highly worthwhile,” he said.