For a world that is beset by numerous health and economic woes, one extra challenge seems anything but fair. But from the perspective of a cybercriminal, COVID-19 has opened a range of opportunities, a distraction that has caught victims off guard as they are forced to drastically change their usual working practices.
By Zak Gottlieb, Business Development Manager for Computers In The City
Firstly, there are the phishing, malicious domains, and online scams that exploit the fears of individual users by using virus-related keywords or claiming to be guidance or information from governments or medical authorities. These include emails that purport to be from the World Health Organization (WHO) with a link that initiates a malware download. According to Interpol, incidents of phishing, scam, and fraud increased by as much as 59% in the first four months of 2020.
Next, we must consider the en masse migration of millions of employees from a secure office location to working from home. This disruption has given cybercriminals new possibilities in the methods and procedures they use. With a workforce of 348 working from home, Zaha Hadid Architects fell victim to a security breach in April. With data backed up, the firm refused to pay the ransom and suffered minimal damage. But the same was not true of the University of California, which had its systems frozen by hackers and was forced to pay $1.14 million in bitcoin. The data that was seized included work on a cure for the coronavirus. In a 2020 mid-year report, BitDefender claims a year-on-year increase of 715% in ransomware.
Given this onslaught of new methods of cybercrime, businesses are advised to take their security measures to the maximum. It is a good idea to hire a reliable and trusted IT company specializing in IT security who can carry out all essential checks.
Employees working remotely can be more vulnerable to phishing, scams, and social engineering, but data from Orange Cyberdefense shows that the more serious attacks target remote access points and VPN gateways.
This shift in ordinary working arrangements has truly left the business and workforce in a completely different situation. In a recently created infographic, information is provided on the new trend, as well as the benefits, lifestyle advice, and useful cybersecurity tips.
For most businesses, security infrastructure is the first priority, yet human activity is still the cause of most breaches. Systems for monitoring and recovery are needed, as well as response teams that can effectively address a wide range of attacks.
Naturally, most businesses need to adjust to the larger remote workforce, which means hardware and software must meet company security standards for every employee. This has led to many businesses going through years of digital transformation in just a few short weeks – one of the few silver linings of the pandemic.
Many organizations adopt a zero-trust model of access, to ensure that users, devices, and applications will not be trusted by default. Another approach to take is the principle of least privilege, which allows only the minimal degree of access to the lowest possible number of users. With these approaches, verification comes before trust, and participants continually work as though there has been a breach.
Businesses can benefit from connecting with other organizations within the industry and sharing news and best practices. One example is the Financial Services Information Sharing and Analysis Center (FS-ISAC), which allows fintech companies to collaborate on approaches to cybersecurity.
Best practices vary depending on the size and nature of each organization, so it is important to develop a policy and set of procedures that are particular to your business.
The global pandemic has changed everything and left us with different processes, architecture, and modes of working, so last year’s policy will probably need to be updated. Risk assessments can help to inform this, and enforcement mechanisms should be identified. Policies need to be clear and strictly followed throughout the organization.
More remote connections leave a business more vulnerable to attacks. External perimeters can be protected by deploying Network Access Control (NAC) which can validate devices and promote security policies when connecting remotely. Detection and monitoring controls that are tested and proven can reduce the threat, as can limiting access to data.
Strengthen Endpoint Security
All devices must be checked for patches and protected against malware. Security software must be tested to ensure it is operational, then it can be used as part of a program for detection and monitoring.
Remote Access Management
Multi-factor authentication (MFA) must be used as a minimum requirement for gaining access to VPN and other key software tools. There should be extra scrutiny of remote network connections, as well as IP whitelisting and limiting remote desktop protocol (RDP) access.
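One way to check the IP allowlisting and RDP restriction recommended above, as an added example that is not part of the original article: the script flags inbound firewall rules that leave TCP 3389 reachable from a source outside the allowlist. The rule format, field names, allowlist, and sample rules are all constructed for illustration.

```python
import ipaddress

RDP_PORT = 3389

# Constructed allowlist: networks permitted to reach RDP (e.g. the VPN address pool).
ALLOWLIST = [ipaddress.ip_network(n) for n in ("10.8.0.0/24", "192.0.2.10/32")]

# Constructed inbound firewall rules; the field names are hypothetical.
RULES = [
    {"name": "rdp-from-vpn", "proto": "tcp", "ports": "3389", "source": "10.8.0.0/25", "action": "allow"},
    {"name": "rdp-any", "proto": "tcp", "ports": "3389", "source": "0.0.0.0/0", "action": "allow"},
    {"name": "mgmt-range", "proto": "tcp", "ports": "3000-4000", "source": "198.51.100.0/24", "action": "allow"},
    {"name": "https", "proto": "tcp", "ports": "443", "source": "0.0.0.0/0", "action": "allow"},
    {"name": "rdp-deny-guest", "proto": "tcp", "ports": "3389", "source": "172.16.5.0/24", "action": "deny"},
    {"name": "rdp-admin-host", "proto": "tcp", "ports": "3389,5986", "source": "192.0.2.10", "action": "allow"},
]


def covers_port(spec, port):
    """True if a port spec such as '443', '3389,5986' or '3000-4000' includes port."""
    for part in spec.split(","):
        low, _, high = part.strip().partition("-")
        if int(low) <= port <= int(high or low):
            return True
    return False


def source_allowed(source, allowlist):
    """True only if the whole source network sits inside one allowlisted network."""
    net = ipaddress.ip_network(source, strict=False)
    return any(net.version == a.version and net.subnet_of(a) for a in allowlist)


def exposed_rdp_rules(rules, allowlist):
    """Names of allow rules that open TCP 3389 to a source outside the allowlist."""
    findings = []
    for rule in rules:
        if rule["action"] != "allow" or rule["proto"] not in ("tcp", "any"):
            continue
        if covers_port(rule["ports"], RDP_PORT) and not source_allowed(rule["source"], allowlist):
            findings.append(rule["name"])
    return findings


if __name__ == "__main__":
    for name in exposed_rdp_rules(RULES, ALLOWLIST):
        print("RDP reachable from non-allowlisted source:", name)
```

Note that the wide port range in `mgmt-range` is flagged even though it never names 3389, which is the kind of exposure a search for the literal port number misses.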
Collaboration and workflow tools, as well as video conferencing tools, have been essential in 2020, but security settings need to be set to the maximum to avoid any potential breaches. Additional technologies can be used to improve operations, such as virtual reality and augmented reality.
Cybersecurity Incident Response Plan
If your business does not already have a cybersecurity incident response plan in place, then COVID-19 should make clear the need for one. If you already have an incident response plan, it should be updated to meet the current operational context. This can be coordinated with your disaster recovery and business continuity plans for consistency.
Members of staff should always be at the heart of cybersecurity policies and practices, and this should not be overlooked during the crisis. Employees need to be kept up to date with regard to current cyber threats, industry news, and any changes in protocol.
Now that most of us have become more adjusted to the new normal, we can expect the sharp rise in cybercrime to stabilize towards the end of the year. But even before coronavirus made its attack, cybercrime had been rising fast and demanding a greater commitment to security measures from businesses of all sizes. This means we need to be prepared for the worst in the future and show unwavering resilience.
About the Author
Zak Gottlieb is the Business Development Manager for Computers In The City, a London-based IT support organization focusing on small and medium-sized businesses. Zak is distinguished by his passion for cybersecurity, his focus on collaborative team-building, and his commitment to excellence.
Views expressed in this article are personal. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.