Ways to Protect Your Company against Cyber Attacks during the COVID-19 Crisis

Photo by Martin Sanchez on Unsplash

As if the Coronavirus hasn’t been enough to wreak havoc on the global health landscape, Chief Information Officers are also faced with potential cyberattacks by criminals that are aware of vulnerabilities. Trying to maintain continuity for business and employees during this time may seem like you are herding cats, but there are steps that you can take to help to keep your company safe while everyone gets through the crisis.

• Cybersecurity staff need to do a full analysis on the network for those that are accessing and working remotely. Additional firewalls should be established to analyze all that have remote access so that they can’t login and bring any potential viruses or malware from their personal devices.
• A majority of staffers are working from home and this means that you and they rely on their personal devices and security set up. If employees are accessing your network you need to alter access so that it requires multiple authentications.
• As more are working from home during the pandemic there is now a requirement for cybersecurity teams to test VPNs and make them available as well as give employees incident-response tools. Reporting potential dangers can alert the security teams so that they can take immediate action.

Photo by Nina Ž. on Unsplash

• Cyber teams need to educate staff on the newer ploys involving social-engineering. These cyberattacks make attempts at tricking legitimate users by identifying themselves as help, healthy, or organizations that are bringing aid to those during the crisis. They will also act as members of your own company as help-desk or security, often using text phishing (known as smishing) as well as voice phishing (vishing) to gain access to remote devices and information.
• Educating remote workers on the newest methods of attack should also include high-level warnings on some of the newer COVID-19 websites and domains. As people are eager to get updates on the pandemic cybercriminals have created websites that are camouflaged as heat-maps or early-warning apps as they hide embedded malware such as AZORult. These threat actors target individuals that are working at home, steal their personal information, and some are even launching ransomware attacks. If additional precautions aren’t taken, a staff member can then access an unprotected company network and the ransomware will be transferred to the network and take it down until a ransom is paid.
• With families living in quarantine together, there may be various family members accessing the internet or even using the same computer. Cybersecurity teams should place a requirement that the computer used for communication with the company network should be isolated and not used by any other family member.

Source: Cybersecurity strategies for the coronavirus crisis