Cybercriminals are taking advantage of the COVID-19 panic, targeting individuals, corporations, governments and industries globally.
Phishing campaigns in multiple languages suggesting a COVID-19 cure, linking to fake World Health Organisation advice websites and offering up guides as attachments are all designed to separate users from credentials, capture personal and sensitive information and deny users access to their systems.
This should not come as a surprise to anyone. Hackers will use any issue to extort for their own gain, and COVID-19 is no exception – a lure to compromise victim’s computers due to the confusion, urgency, misinformation and a personal connection for all – it’s a hacker’s gold mine.
As organisations rush to shift their businesses and workforce online with a heavy reliance on working from home, cybercriminals are ramping up their tactics to take advantage of those who may have inadequate or naive security postures as a result.
If you’re enacting or broadening your remote working policies, we encourage you to consider the following:
Be wary of scam emails
Be especially wary of any email or communication suggesting it is from the DHS or WHO, even if it appears to come from a legitimate address on the official domain (e.g dhhs[.]vic[.]gov[.]au, health[.]gov[.]au, and who[.]int). Unless you operate in the healthcare industry, it is unlikely that these agencies will be sending you emails about COVID-19. Also, remember that official entities do not take cryptocurrency payments, so any request of this type should be considered malicious.
Refresh team security knowledge
- Promote your information security policy, particularly the areas which talk about remote working, device security and use of public Wi-Fi.
- Most cyber criminals will attempt to exploit social engineering opportunity. Ask your teams to take an additional online training course for cybersecurity fundamentals or phishing training.
- Remind teams about the importance and construct of a good password.
- Reinforce to users that home PC’s are not to be used for work or client data.
Be clear on how remote support will work
Users may no longer be able to visit the IT helpdesk physically and organisations need to prepare staff for new procedures for IT support.
- Reconfirm helpdesk phone numbers, email addresses and web site details.
- Let employees know how to access remote support.
- Confirm with employees if they will or will not need to download software for remote support. If they need to install new software, do it through official methods and before any work from home strategy is enacted.
- Give teams a mechanism to report issues when things do go wrong.
Staying up to date and moving with the changes
- If you’ve been thinking about rolling out multi-factor authentication, there is no time like the present. With attack surfaces growing exponentially and new wireless networks and locations being used to connect to corporate systems, MFA has never been more important.
- Make sure everything is up to date – antivirus, anti-malware, patches.
- Review your systems logs and alerts given the significant changes in attack potential for your organisation.
Remote working offers a great coping mechanism to the COVID-19 health pandemic which is testing individuals, organisations, communities and countries resilience like never before.
By taking some pragmatic steps, organisations and individuals can prepare so that information security is not an unintended casualty of the pandemic.