Covid-19

Cyber in a Pandemic

Mike Harris

Cybercriminals are taking advantage of the COVID-19 panic, targeting individuals, corporations, governments and industries in Ireland and around the globe.

Phishing campaigns in multiple languages suggesting a COVID-19 cure, linking to fake World Health Organisation advice websites and offering up guides as attachments are all designed to separate users from their usernames and passwords, capture personal and sensitive information and deny users access to their systems.

This should not come as a surprise. Cyber criminals will use any issue to extort victims for their own gain, and COVID-19 is no exception. The confusion, urgency, misinformation and personal connection it holds for everyone make it an effective lure for compromising victims’ computers: it’s a criminal’s gold mine.

As organisations rush to shift their businesses and workforce online with a heavy reliance on working from home, cybercriminals are ramping up their tactics to take advantage of those who may have inadequate or naive security postures as a result.

If you’re enacting or broadening your remote working policies, we encourage you to consider the following:

Beware of scam emails

Be especially wary of any email or communication suggesting it is from the HSE or WHO, even if it appears to come from a legitimate address. Unless you operate in the healthcare industry, it is unlikely that these agencies will be sending you emails about COVID-19, and they will certainly not be requesting payments or usernames/passwords. Also, remember that official entities do not take cryptocurrency payments, so any request of this type should be considered malicious.

Refresh team security knowledge

Promote your information security policy, particularly the areas which talk about remote working, mobile device security and use of public Wi-Fi.

Most cyber criminals will attempt to exploit social engineering opportunities. They will try to convince you to do something you should not! You may want to ask your teams to take an additional online training course for cybersecurity fundamentals or phishing training.

Remind your teams why good passwords matter and how to construct one.

Reinforce to users that home PCs are not to be used for work or client data.

Be clear on how remote support will work

Make sure you have a robust remote access solution with appropriate authentication (ideally multi-factor) and encryption. If you are rolling out a new solution, make sure its security is tested before it’s deployed.

Users may no longer be able to visit the IT helpdesk physically and organisations need to prepare staff for new procedures for IT support.

Reconfirm helpdesk phone numbers, email addresses and web site details.

Let employees know how to access remote support.

Confirm with employees if they will or will not need to download software for remote support. If they need to install new software, do it through official methods and before any work from home strategy is enacted.

Give teams a mechanism to report issues when things do go wrong.

Employees should avoid using free Wi-Fi. Instead, use a personal hotspot, which is more secure, and be sure to disable mobile Wi-Fi and Bluetooth when not in use to prevent connecting to unknown networks or peer-to-peer devices.

Staying up to date and moving with the changes

If you’ve been thinking about rolling out multi-factor authentication, there is no time like the present. With attack surfaces growing exponentially and new wireless networks and locations being used to connect to corporate systems, MFA has never been more important.

Make sure everything is up to date: antivirus and software patches.

Review your system logs and alerts given the significant changes in attack potential for your organisation.

Remote working offers a great coping mechanism for the COVID-19 health pandemic, which is testing the resilience of individuals, organisations, communities and countries like never before.

Consider reviewing the security of your current remote access solution.

By taking some pragmatic steps, organisations and individuals can prepare so that information security is not an unintended casualty of the pandemic.