As the world focuses on the significant threat posed by COVID-19, cyber criminals across the globe are positioning their weapons to capitalize on the coronavirus fears by launching online scams and cyber-attacks.
It’s almost the perfect storm for them: an unprecedented number of home workers, combined with the general chaos caused by the bewildering global challenge we all face.
Just this week the U.S. Health and Human Services Department (HHS) suffered a cyber-attack on its systems, with the goal of disruption and disinformation aimed at undermining the response to the coronavirus. Hackers have even been spotted creating fake healthcare websites. While on its surface "Vasty Health Care Foundation" sounds like a legitimate charity, it’s actually one of a number of fraudulent websites designed to trick people into donating to what they believe are relief efforts around the globe.
This disruption to staff and security process, combined with the massive shift to working from home has already led to an enormous spike in phishing attacks specifically designed to leverage the current state of concern, often appearing to be from a legitimate organization or individual. Data centers have become significantly more vulnerable as they are opened up to accommodate more remote access. And finally, we are hearing of IT teams that have put security projects on hold while they attempt to deal with the disruption to business caused by the pandemic and focus their efforts on providing remote access for their employees.
Against this backdrop, employers and employees alike should be turning up the focus on cyber security vigilance in order to protect themselves as well as their organization’s critical assets and data. Here are a few critical security measures organizations should consider in order to minimize risk:
- Make sure you've got the basics covered - Security controls like the CIS Controls are needed now more than ever before. The CIS Controls are a set of prioritized actions that help organizations defend against today’s most devastating cyber-attacks by combining key security concepts into a set of actionable controls to achieve better overall cybersecurity defense. Every discerning security team should be taking extra steps to educate users about the increased risks as well as ensuring good, basic security controls are in place. Learn more about the essential basic controls by watching our Back 2 Basic webinar on-demand.
- Perform safe remote access - As more organizations are closing offices and mandating remote work arrangements, it’s critical that employees working remotely know how to stay safe online when using company devices. This includes connecting to a secure network and using the company VPN to access work-related accounts, avoiding public WiFi, segmenting the home network so that company devices are on their own WiFi network, and maintaining a clean machine with up-to-date software and security patches.
The Cybersecurity and Infrastructure Security Agency (CISA), the Department of Homeland Security’s cyber agency, recently issued an alert pointing to specific cybersecurity vulnerabilities around working from home versus the office. CISA highlighted potential cyberattacks on virtual private networks (VPNs), which enable employees to access an organization’s files remotely.
- Practice good cyber hygiene - Remote working obviously creates a bigger risk but with a little quality knowledge transfer, the risk can be significantly reduced. For example, remind staff to avoid websites that are not known and trusted. Give them helpful tips on how to spot a phishing email with things to look out for. A simple email from the security team to all remote users, with some good information and a reminder that not only do they need to apply greater personal hygiene right now, they also need to apply concerted computer hygiene, will go a long way.
- Be on the lookout for phishing emails - Attackers thrive on chaos, so be on the lookout for phishing emails designed to trick you into clicking on the latest offer related to the coronavirus.
Here are a few tips to help you avoid falling for a phishing attack:
-- Be suspicious if the email is from a public webmail address (a free mail provider) rather than the organization’s own domain
-- Make sure that the email address matches the sender - the display name can claim to be anyone, so check the actual address in angle brackets, such as in the example below:
-- Keep an eye on grammar - a poorly written email is a dead giveaway
-- Be hyper suspicious of attachments. Phishing emails come in many forms, but the one thing they all have in common is that they contain a harmful payload. This will either be an infected attachment that you’re asked to download or a link to a bogus website that requests login or other sensitive information
-- Be wary of emails demanding prompt action - a time-sensitive "you must act now" request is a classic pressure tactic designed to stop you from thinking before you click
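The tips above can be turned into a mechanical triage check. The following is an added example (not code from the original post or from CIS): it parses a message with Python's standard `email` library and flags the indicators listed above, namely a public webmail sender, a display name that claims a different domain than the real address, a Reply-To on a different domain, a macro-enabled or executable attachment, and "act now" pressure language. The webmail domains, risky extensions and urgency phrases are illustrative assumptions, and the three messages at the bottom are constructed samples, not real mail.

```python
"""Header- and content-level phishing indicators, run over constructed sample messages."""
import re
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr

# Free/public webmail domains (assumed, illustrative list): a company, bank or charity
# does not normally send official mail from one of these.
PUBLIC_WEBMAIL = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com", "aol.com"}

# Attachment extensions that are executable or macro-enabled (assumed, illustrative list).
RISKY_EXTENSIONS = {".exe", ".scr", ".js", ".vbs", ".docm", ".xlsm", ".iso", ".lnk", ".hta"}

# Pressure phrases typical of "act now" lures (assumed, illustrative list).
URGENCY = re.compile(
    r"\b(act now|immediately|within 24 hours|urgent|account (?:will be )?suspended)\b", re.I)

# A bare domain (example-corp.com) or the domain part of an address inside a display name.
DOMAIN_IN_NAME = re.compile(r"([a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,})", re.I)


def domain_of(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def text_of(msg):
    """Concatenate the text/plain parts that are not attachments."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain" and part.get_filename() is None:
            payload = part.get_payload(decode=True)
            if payload:
                chunks.append(payload.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)


def score_message(raw):
    """Return the list of indicator names found in one RFC 5322 message string."""
    msg = message_from_string(raw)
    findings = []
    display_name, from_addr = parseaddr(msg.get("From", ""))
    from_dom = domain_of(from_addr)

    if from_dom in PUBLIC_WEBMAIL:
        findings.append("from-public-webmail")

    # Display name claims one domain ("ceo@example-corp.com") while the real
    # address sits on another: the classic sender/address mismatch.
    m = DOMAIN_IN_NAME.search(display_name)
    if m and m.group(1).lower() != from_dom:
        findings.append("display-name-domain-mismatch")

    # Replies silently routed to a different domain than the visible sender.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and domain_of(reply_to) != from_dom:
        findings.append("reply-to-domain-mismatch")

    for part in msg.walk():
        name = part.get_filename()
        if name and any(name.lower().endswith(ext) for ext in RISKY_EXTENSIONS):
            findings.append("risky-attachment:" + name)

    if URGENCY.search(msg.get("Subject", "") + "\n" + text_of(msg)):
        findings.append("urgency-language")
    return findings


# --- constructed samples (not real mail) ---
PHISH_SAMPLE = (
    'From: "ceo@example-corp.com" <urgent.request@gmail.com>\n'
    "Reply-To: payments@example-corp-finance.com\n"
    "Subject: URGENT: COVID-19 relief invoice\n"
    "\n"
    "Please act now and wire the invoice amount before noon.\n"
)

LEGIT_SAMPLE = (
    'From: "Alice Smith" <alice.smith@example-corp.com>\n'
    "Subject: Weekly team notes\n"
    "\n"
    "Notes from today's sync are in the shared folder.\n"
)


def build_attachment_sample():
    """A constructed multipart lure carrying a macro-enabled attachment."""
    m = EmailMessage()
    m["From"] = '"COVID-19 Relief Fund" <relief.fund.2020@yahoo.com>'
    m["To"] = "staff@example-corp.com"
    m["Subject"] = "Your relief payment"
    m.set_content("Complete the attached form within 24 hours to claim your payment.")
    m.add_attachment(b"PK\x03\x04fake", maintype="application",
                     subtype="octet-stream", filename="Donation_Form.docm")
    return m.as_string()


if __name__ == "__main__":
    for label, raw in [("phish", PHISH_SAMPLE), ("legit", LEGIT_SAMPLE),
                       ("attachment", build_attachment_sample())]:
        print(label, score_message(raw))
```

None of these indicators is proof on its own (plenty of legitimate mail uses a different Reply-To), which is why the function returns the list of findings rather than a verdict: a message that trips several at once is the one to send to the security team before anyone clicks.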
- Maintain secure configurations - Last but not least, it’s critical to ensure that all systems are continuously configured with security in mind. The CIS Benchmarks are a great place to start and are ideal for the increase in remote workers. Trusted information security standards like the CIS Controls mandate that IT assets be continuously assessed for known vulnerabilities and secure configurations. In fact, CIS Control 5 specifically emphasizes the need to establish, implement and actively manage the security configuration of all devices, servers and workstations. For more information on the importance of secure configurations, watch our latest webinar on CIS Control 5.
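Continuous assessment of secure configurations means comparing what a system actually has against a set of expected values, over and over. As an added illustration (not code from the original post, from CIS or from any CIS Benchmark), the script below parses an OpenSSH `sshd_config`, the service most organizations open up for remote access, and reports every directive that is missing or off its expected value. The expected values are an assumption made for this example, representative of common Linux hardening guidance rather than quoted from a benchmark; a real assessment would load the benchmark's own recommendations. The two configs are constructed samples: the permissive one a rushed remote-access rollout might leave in place, and the same file with the expected values applied.

```python
"""Assess an sshd_config against a small set of expected hardening values."""

# Expected values for a handful of sshd directives. They are representative of common
# Linux hardening guidance and are an ASSUMPTION made for this example, not values
# quoted from any CIS Benchmark.
CHECKS = {
    "permitrootlogin": ("no", lambda v: v == "no"),
    "passwordauthentication": ("no", lambda v: v == "no"),
    "permitemptypasswords": ("no", lambda v: v == "no"),
    "x11forwarding": ("no", lambda v: v == "no"),
    "maxauthtries": ("4 or less", lambda v: v.isdigit() and int(v) <= 4),
}


def parse_sshd_config(text):
    """Return the effective global value of each directive.

    sshd uses the FIRST value it reads for a keyword, so an earlier line wins over a
    later one (the reverse of many config formats). Everything after a Match line
    belongs to that conditional block, so global parsing stops there.
    """
    effective = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "match":
            break
        effective.setdefault(key, value)
    return effective


def assess(text):
    """Return one finding per directive that is missing or not at its expected value."""
    effective = parse_sshd_config(text)
    findings = []
    for key, (expected, ok) in CHECKS.items():
        value = effective.get(key)
        if value is None:
            findings.append(f"{key}: not set explicitly (sshd default applies); expected {expected}")
        elif not ok(value.lower()):
            findings.append(f"{key}: is '{value}', expected {expected}")
    return findings


# Constructed sample: the permissive config a rushed remote-access rollout leaves behind.
WEAK_CONFIG = """
# sshd_config (constructed sample)
PermitRootLogin yes
PasswordAuthentication yes
X11Forwarding yes
MaxAuthTries 10
"""

# Constructed sample: the same file with the expected values applied.
HARDENED_CONFIG = """
# sshd_config (constructed sample)
PermitRootLogin no
PasswordAuthentication no
PermitEmptyPasswords no
X11Forwarding no
MaxAuthTries 4
ClientAliveInterval 300
"""

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, assess(cfg) or ["compliant"])
```

Two details matter in practice and are easy to get wrong in a home-grown checker: a directive that is simply absent is reported as a finding rather than silently passed, because sshd's defaults (for example, password authentication enabled) are not the hardened values; and the parser honours sshd's first-value-wins rule, so a `PermitRootLogin yes` appended at the bottom of a file is correctly reported as having no effect while one inserted at the top is caught.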
The situation we find ourselves in is bad enough. Don’t allow it to get worse by indulging the bad guys. With a combination of technology and employee education and training, it can be done properly. Now is not the time to pause any of your cyber security initiatives – security departments need to be on high alert. Instead, now is the time to turn up the volume to full and get on the front foot. Everyone, please stay safe out there.