contact us

Coronavirus and Cybersecurity

by Apr 2, 2020

Coronavirus and Cybersecurity

As most of the U.S. enters its 3rd week of lockdown, everyone that is able to work from home has pretty much figured how their “new normal” works. IT teams have been working around the clock to provide the hardware, software, and systems to allow their teams to work in their pajamas and keep their companies running as smoothly as possible. However, this new way of working is also driving significant changes in attack surface for most enterprises. Whether it’s new or expanded VPN services, new two-factor authentication systems, or massive updates to data access rules, there’s little doubt that Coronavirus has also delivered a new set of challenges to cybersecurity teams.

We’ve already seen evidence of new phishing attacks [1], DNS hijacking attacks [2], and even new ransomware attacks [3]. A recent survey of security professionals found that 40+% had seen increased cyberattacks as they enable remote working [4]. While I’d like to think that there’s a special circle of hell reserved for the miscreants trying to exploit this pandemic, I doubt the perpetrators are going to stop any time soon.

So, the question becomes, “What is a thoughtful security practitioner to do in response to this rapidly evolving threat landscape?”. While I’m not a practicing security professional in the classic sense (or really any sense), I’ve got three thoughts.

  1. Go back to management basics: You can’t manage what you don’t measure. Do everything you can to establish real visibility of your new and expanding attack surface. If you haven’t changed anything in your IT infrastructure, count your blessings. For the rest of us I think this means increasing red team activities, more frequent penetration testing, and yes, ensuring you’ve got a risk-based vulnerability management process in place capable of illuminating and prioritizing the vulnerabilities you need to fix immediately.
  1. If you don’t have anti-phishing technology yet deployed, do so. Even if you do this would be a good time to (re)run some anti-phishing education programs for employees. Given our collective focus on Coronavirus news, we’re all vulnerable to seductive email subject lines about protective gear, vaccines, etc. It’s our job to help our teams not fall victim to them.
  1. Now, more than ever, encryption is your friend. Your employees almost certainly have more corporate information on their laptops at home than ever. Whether that data is at rest or in motion, it needs to be encrypted. This is particularly true of the storage on their laptops, but also all of their communications channels (email, chat, and teamware such as Slack, Confluence, etc.)

You all be well…and stay at home if you’re able.

________________________________

[1]https://www.cisomag.com/youre-exposed-to-coronavirus-says-phishing-email/
[2]https://threatpost.com/hackers-hijack-routers-to-spread-malware-via-coronavirus-apps/154170/
[3]https://www.zdnet.com/article/czech-hospital-hit-by-cyber-attack-while-in-the-midst-of-a-covid-19-outbreak/
[4]https://threatpost.com/coronavirus-poll-cyberattacks-work-from-home/153958/

RiskSense Careers

Looking for a new opportunity in the growing field of Cyber Risk Management?

View Now >