How the Coronavirus Elevated Cyber Risk and How to Stay Protected
The ongoing COVID-19 pandemic has moved well beyond the physical risk of infection: the threat of the virus has significantly altered the operational infrastructure of governments and businesses globally. With major interruptions in workflow, the pandemic has led to the creation of history’s largest remote workforce. Consequently, a high percentage of these newly remote workers have had no thorough training or prior experience in working from home, leaving an immense gap in most companies’ cyber posture.
In the wake of self-isolation, many businesses are now handling sensitive corporate data on personal devices that have no corporate VPN, antivirus, firewall, MFA or other remote-access controls configured. Meanwhile, bad actors and cyber criminals have made full use of this rapidly changing environment, adding further fuel to public concerns.
Most often, user error is to blame for corporate data breaches. Whether it is a failure to recognize a criminal’s tactics or simply clicking on something in haste, most data breaches begin with someone opening the door to the criminal. Since prevention is the best way to stay safe, we have compiled a list of tactics to look out for and tips to help you stay protected.
Step 1: Understand the Intentions
There are several ways in which a cyber criminal will typically look to take advantage of their victims including spam, spoofing, phishing and spear phishing. Regardless of the delivery method, the intentions are to:
Trick the user into opening an attachment containing hidden malware in order to infect their system or network. The criminal will now have access via a foothold in the user’s network to deploy ransomware or extract data at their leisure.
Deceive the user into providing financial details or credit card information by posing as a legitimate charitable organization.
Persuade users to click on a fake link. These links appear to lead to a proper site, but when hovered over, the actual address shows an altered destination. Typically, these links execute scripts to install malware or send users to a fraudulent login page that captures their credentials and passwords.
Convince users (usually in accounts payable departments) to pay a phony invoice by way of what appears to be an email sent from a vendor or from a spoofed internal email that appears to be from a department head or executive.
Con users into providing their company credentials by creating a replicated Office 365 page requiring login information to receive access to a document or account recovery.
Step 2: Know What to Look Out for
With cyber criminals taking full advantage of the global crisis by preying on the public’s fears and their need for information, new scams have been evolving at an astonishing rate. Here are some of the vectors they have been using and what to warn your employees to look out for:
Phishing Scams – As mentioned, phishing schemes generally look to lure victims by triggering an emotional response. By playing off the fear created by the pandemic, many phishing attacks promise the latest news and updates. Look out for fake emails offering health and safety guidance, government aid, infection rates, etc. that claim to come from news sources, the CDC or the WHO. Also beware of spoofed internal company emails (Human Resources, IT support) and spoofed emails from associated vendors and partners such as financial companies. With remote employees watching for company updates and official business-related communication, bad actors will be sure to take advantage of any angle they can find.
Remote Services Attacks – For most companies that can accommodate employees working from home, there will be a major reliance on software as a service (SaaS) and cloud-based remote services. Cyber criminals are exploiting gaps in the cyber security awareness training of these newly remote employees. Criminals are deploying ransomware by brute-forcing Remote Desktop Protocol (RDP) login passwords, and compromised personal devices holding single sign-on credentials are becoming an easy target.
Vishing and Telecom Scams – With remote employees relying heavily on telecommunications, an increase in bad actors imitating official business-related communications is highly expected. Vishing (voice phishing), robocalls, smishing (SMS phishing) and tech support scams are all tactics that may be used during this time. While criminal activity initially appears to be targeting the West Coast of the United States and other areas hard hit by the coronavirus, affected industries across the US and Canada are also experiencing an uptick in scams. Many tech support scams use pop-up warnings and phone calls pressing the user to take immediate action. Smishing scams include free offers for medical supplies and donation links.
Step 3: Helpful Tips on How to Stay Protected
As the COVID-19 pandemic continues to progress, experts predict that more scams will advance, and cyber risks will continue to escalate. This being the case, it will be vital for organizations to remain vigilant and equip their employees with cyber security awareness training.
Deploying remote service tools such as Virtual Private Networks (VPNs), using Multifactor Authentication (MFA), and ensuring that your operating systems, apps and software are constantly updated and fully patched will establish a solid foundation for cyber security on top of proper awareness training.
To initiate your awareness training, include the following into your remote work policies:
Issue a notice that all official updates will be sent at a predetermined time on a predetermined day, so users know when to expect official company updates.
Have all users carefully read the “From” and “Reply-To” email addresses before opening attachments or sending replies. Look for any misspellings and errors in each address.
Recommend that users only use official websites for news sources and updates (WHO/CDC/Local news organizations), likewise for charitable donations (RedCross/MealsOnWheels).
Any links or attachments referencing the pandemic should not be opened unless the sender is verified as authentic (tip: hover over a link with your cursor to see its destination before clicking. If the link is misspelled, the URL is scrambled or the link is shortened, you may be at risk when clicking on it).
Do not supply any credentials or send any financial data/payments unless verified and approved as indicated by your remote policy.
Let your IT administrator know if any suspicious emails appear as they may not be the only ones targeted within the company.
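The sender-address and link checks in the policy items above can be automated for a first pass. The following is an added example, not code from the original post: it flags a Reply-To domain that differs from or resembles the From domain, shortened links, lookalike link hosts, and link text that shows one address while pointing to another. The trusted-domain list, shortener list and the sample message are constructed for the example.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

TRUSTED_DOMAINS = {"example-corp.com", "redcross.org"}  # constructed allowlist (assumption)
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}          # a few common link shorteners
ANCHOR_RE = re.compile(r'<a\b[^>]*href="([^"]*)"[^>]*>(.*?)</a>', re.S | re.I)

def host_of(url):
    return (urlparse(url).hostname or "").lower()
def sender_host(msg, header):  # domain part of an address header, "" if absent
    return parseaddr(msg.get(header, ""))[1].rpartition("@")[2].lower()

def edit_distance(a, b):  # Levenshtein distance, used to spot lookalike domains
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike(host):  # within two edits of a trusted domain, but not the domain itself
    return any(host != t and edit_distance(host, t) <= 2 for t in TRUSTED_DOMAINS)

def review_email(raw):  # return human-readable findings for a single-part HTML email
    msg = message_from_string(raw)
    from_host, reply_host = sender_host(msg, "From"), sender_host(msg, "Reply-To")
    findings = []
    if reply_host and reply_host != from_host:
        findings.append(f"Reply-To domain {reply_host} differs from From domain {from_host}")
    for h in (from_host, reply_host):
        if h and lookalike(h):
            findings.append(f"sender domain {h} resembles a trusted domain")
    for href, text in ANCHOR_RE.findall(msg.get_payload()):
        h, shown = host_of(href), host_of(text.strip())  # shown is "" unless text is a URL
        if h in SHORTENERS:
            findings.append(f"shortened link {href} hides its destination")
        if lookalike(h):
            findings.append(f"link host {h} resembles a trusted domain")
        if shown and shown != h:
            findings.append(f"link text shows {shown} but points to {h}")
    return findings

SAMPLE_EMAIL = """From: HR Department <hr@example-corp.com>
Reply-To: hr@examp1e-corp.com
Content-Type: text/html

<p>Read the <a href="http://bit.ly/abc123">updated guidance</a> and confirm at <a href="https://examp1e-corp.com/login">https://example-corp.com/login</a>.</p>"""  # constructed
```

Running `review_email(SAMPLE_EMAIL)` returns five findings for the constructed message; a message whose From, Reply-To and link hosts all match trusted domains returns an empty list.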
Combining the staggering figures on user error with a global crisis such as the ongoing pandemic affords criminals endless opportunities to victimize untrained users. Be sure to hold regular cyber security awareness training with your team members to help keep data security at the forefront during the crisis.
Let’s Start the Conversation
If you are a happier IT client and would like to start a conversation with your happier IT vCIO, please reach out to team@happierit.com.
If you’re not yet a happier IT client, but you are interested in becoming one or have questions on how to increase cyber security measures during the crisis, please contact sales@happierit.com.