COVID-19 Cybersecurity Response Measures
2020 has quickly become the year of the Coronavirus. With experts now claiming that containment of Covid-19 is likely impossible, security teams must now prepare for a variety of scenarios.
Unfortunately, several unscrupulous threat groups are using the crisis to bypass corporate and government cybersecurity controls, including phishing attacks with malicious links and email attachments infected with malware and/or ransomware.
iON recommends security teams work with their organizations’ communications departments to advise users to watch out for the following types of emails or phone calls, especially those related to Covid-19, as they are mostly likely fraudulent:
- Any message that communicates an extremely high level of urgency. This is a psychological lever that malicious groups pull to compel people into taking a prescribed action.
- Any message that pressures recipients into bypassing security or departmental policies and procedures.
- Any message claiming to be from, or on behalf of, an official or government organization urging recipients to take immediate action.
- Any message that promotes a “magic cure” for Covid-19, such as a vaccine or herbal remedy that will protect you. No such substance currently exists.
For the latest updates on Covid-19, we recommend visiting Health Canada’s Coronavirus Outbreak Update website site or the World Health Organization’s Coronavirus Outbreak website.
Bear in mind that Coronavirus scams and attacks are designed to play on people’s emotions and they can happen via email, text, or the phone, at home or at work.
Finally, in the event that your organization advises large segments of its workforces to work from home for extended periods, now is a good time to ensure you are prepared to accommodate a much larger number of secure remote connections than usual.
Considering this possibility, we recommend Network and Security Administrators review their current remote connection capacity to accommodate work-from-home arrangements for the majority of their users. Important questions to consider are:
- Do we have the necessary bandwidth?
- Do we have the necessary device memory, network, and CPU capacity?
- Do we have a sufficient number of licenses?
- Do we have the policies in place to ensure every user connects only to the network resources appropriate for them?
- Do we need to prioritize access for some segments of users?
- Do we have necessary documentation ready that ensures proper usage of remote connections and details unauthorized activity?
iON acknowledges that these are anxious times, but with adequate planning for this scenario, organizations can avoid being blindsided by a phishing attack or a lack of readiness for an expanded work-from-home policy. Also, events like these can provide an opportunity to reaffirm the working relationship between security and communications departments, reinforce cybersecurity best practices already in place, and maintain operational continuity during an emergency.
Senior members of iON’s security team have recently conducted presentations for local clients regarding measures to thwart Coronavirus phishing campaigns, and we can assist organizations with email filter configuration and security awareness or rapid procurement of new firewall remote connection licenses.
We are here to help if you need us.
You might also like
Response to the Solar Winds Supply Chain Attack
IMPORTANT ADVISORY The following blog post addresses a recently uncovered major cybersecurity attack that was spread through an update to the SolarWinds Orion network monitoring software. This attack has major implications for both iON clients and any organizations using SolarWinds Orion. FireEye refers to the backdoor as SUNBURST. They are tracking the campaign as UNC2452. Microsoft has labeled the attack “Solarigate” in Windows Defender (the latest Windows Defender update detects and blocks this attack). Background SolarWinds is a software…
Cybersecurity Lessons from Nortel and Tesla
From Nortel to Tesla: A Tale of Two WhistleblowersAutumn is a season that invites contemplation. As the leaves turn, the weather cools, and the kids go back to school, it’s a good time to reflect on the events of a lively spring and summer. At iON, recent reports about two major cybersecurity events have certainly…
To Zoom or Not to Zoom
NOTE: iON’s April 20 Update to this blog entry follows after the conclusion. As organizations try to maintain operations with most of their employees working from home to minimize the spread of Covid-19, Zoom Video Communications has experienced an explosive increase in usage. By late February, the company had already added 2.2 million new users, surpassing their total number of new users for all of 2019, while their number of daily users has…