Be hyper vigilant in times of crisis

Businesses are facing an unprecedented situation. We’re in the midst of a global pandemic that has seen international supply chains disrupted, schools close, and businesses forced to quickly adapt to having the majority of their workforce performing their tasks from home. But while it has never been more important for businesses to have a robust virtual network in place, they have also never been more vulnerable.

Whenever the international community is facing a crisis, cyber criminals and hacking groups ramp up their activities and seek to capitalize on people’s fears and vulnerabilities. We are in unchartered territory with the COVID-19 pandemic, and it is providing these cyber criminal opportunists with immeasurable ammunition for exploiting weaknesses in security systems.

 

Why is it important to be aware of scams?

Cyber attacks can have a massive impact on businesses and the individuals who work within them. Aside from the phishing emails designed to steal an individual’s details, and scammers who prey on people in a bid to steal their money, certain forms of attack are designed solely to cause chaos for businesses and organizations. With working practices massively interrupted at the moment, hackers and cyber criminals are exploiting weaknesses and vulnerabilities wherever they can find them, and it’s important you and your teams are protected.

DDoS attacks, for example, are designed with disruption rather than destruction in mind. Instead of bringing a network completely to its knees, it will aim to slow down a website, interrupt data transfer, or make certain features or tools within applications unreliable – all of which are vital at the moment, as your teams carry out their functions remotely. A DDoS attack on your company right now could be catastrophic, not just operationally, but in terms of reputation, and of course financially. Over recent years, DDoS attacks have targeted 91% of UK businesses, with a potential cost to the economy of $1bn. Factor in the financial impact of reputational damage, and the figures become unimaginable. That’s why you need to be focusing on ramping up your security right now, and ensuring all members of your teams are aware of your cyber security policies and procedures.

 

Focus on the set-up

Companies are having to act fast to ensure it is business as usual as far as possible. That means IT managers are faced with quickly getting whole teams of people set up for home working, and it’s important to remain as diligent as ever in configuring hardware and networks with security in mind.

• Choose devices carefully. Whether you’re providing company laptops or setting up employees’ personal computers for home working, it’s important to have the correct anti-virus and security packages in place. The temptation is there to take shortcuts in security protocols to ensure downtime is kept to an absolute minimum, but the cost of a catastrophic breach could far outweigh the cost of slowing down and doing things thoroughly. Think ahead to how you are going to handle threats posed by data leaks and attacks from devices into your network.
• Password-protect everything. It’s a good idea to review and strengthen passwords across devices and remote resources, including email and network applications. If you can, you might consider implementing a two-step authentication model.
• Know your access points. Your remote access plan should be built in a way that means everything is verified and nothing is assumed. Make sure you know who has access to what information and segment your users to ensure they are authenticated at every access point.
• Removable storage. It can be hard to track what data USB drives contain, where they have been and who has used them. This leaves them wide open to becoming infected and, worse, introducing viruses and malware to your entire network. If you can, you should consider prohibiting or limiting their use, but if that is unrealistic you should provide company devices that are adequately encrypted and protected.
• Connection passwords. With workers connecting to company networks via their home wifi, it’s important they have a strong password in place. Educate teams on the ways an unsecured network makes it easier for cyber criminals to access personal passwords and data, as well as potentially enabling company-wide breaches.
• Do a stress test. With your remote workforce having increased dramatically, it’s vital to have a robust VPN or SDP in place. This infrastructure needs to be able to handle the large volume of traffic, so stress testing it is an absolute must.
• Identify key data. Take the time to identify, specify and label your sensitive data to ensure only the appropriate people are granted access to it. Taking a granular approach will mean you slow down and make really considered decisions, which will serve you well once remote access in fully enabled.
• Segment your workforce. Not everybody in the organization will need access to all areas of your network, so carry out an audit of current policies around access and sharing of different types of data. Segment your teams to ensure each person has access to only what they need.

 

Make your teams aware of potential scams

As well as looking after company hardware and networks, you need to make sure your individual workers are aware of the latest scams and know what to do if they fall victim to one. Make sure everybody knows exactly what your cyber security policy looks like, is supported in being vigilant to potential threats, and knows what your reporting and crisis response procedures look like.

The BBC has compiled a fantastic summary of some of the scam and phishing emails that are doing the rounds in the wake of the coronavirus outbreak. You can find that here. More generally, you might want to make sure your teams are aware of the following potential scams:

• Emails that mention COVID-19 and offer a cure, or a product for sale, such as face masks, hand sanitizers, drugs, etc.
• Emails that purportedly come from healthcare authorities, such as the NHS or the Centers for Disease Control and Prevention (CDC)
• Emails that look like they come from colleagues but which are not written in their usual style. Prompt your teams to double-check the sender address, looking for missing letters or full-stops, if they receive a suspicious-looking email
• Links to various websites purporting to carry statistics for COVID-19. Of the 4,000+ coronavirus-related domains registered since January, more than 8% have been identified as either malicious or suspicious.

Encourage your teams to use only official sites to remain informed, and to report any suspicious emails or links, and take action where necessary.

Reputable sources of information include:

• https://www.nhs.uk/conditions/coronavirus-covid-19/
• https://www.gov.uk/government/publications/covid-19-track-coronavirus-cases

 

For more advice on keeping your network secure, the National Cyber Security Centre has some great guides and educational material. Or feel free to give us a call – we’re always happy to help.