The COVID-19 pandemic has created an environment in which hackers and other malicious cyber actors are gleefully thriving. They are exploiting all the current uncertainty and anxiety via ransomware attacks, phishing campaigns, social engineering and financially-motivated scams. Although we are living in unprecedented times, the cyber threats we face and the malicious actors are not new. But the singular focus on COVID-19 may make many organizations – and individuals – the proverbial fish in a barrel for cyber bad guys.
These attackers understand and target our current thirst for information to help us navigate this pandemic. A sudden, intense focus on specific topics such as local coronavirus case data or where to find face masks makes it easier than ever for bad actors to design a phishing email, scam, or other attack.
At the same time, organizations scramble to adopt remote-working best practices as employees move en masse from working inside a traditional office to remote environments practically overnight.
Companies now, for the most part, understand that cyber security threats are common, and have often done the right thing and taken measures to prevent them affecting their business communications and their business itself.
But they now need to adapt their defenses to the current environment of uncertainty and social distancing. Here are three of the most important things that need to be considered.
Adapt Your Ransomware Response Playbooks
In today’s threat landscape, you can’t just focus on preventing ransomware attacks; they must also have a robust strategy for how to react to such attacks. In addition, organizations should adapt their ransomware response playbooks for the current remote working environment.
For example, in the event of an attack, convening an organization’s key decision-makers in one room to strategize on response is not likely to be an option. Simple measures such as compiling the contact information and backup phone numbers for key decision-makers can go a long way.
Ransomware response playbooks should also outline topics such as whether or not the organization would pay the proposed ransom or seek outside help first, the legal teams the organization will work with for counsel and mitigation, and considerations for engaging with legal counsel other key players remotely.
Consider Network Visibility and Secure Devices
Most likely, very few organizations had plans to shift from in-office work to most staff working remotely in a matter of days. Network monitoring protocols that works in a traditional office setting may leave you in the dark in a remote working reality. A foundational step in understanding the risk profile is to first understand the network visibility available and adjust enterprise protocols as necessary to protect in today’s environment.
Another key tool at the disposal of managers is the trusted network list. In these unprecedented times, reducing the number of trusted networks and restricting user access can prevent credential attacks and keep your networks safer.
Maintain Employee Engagement
The coronavirus pandemic has already caused big swings in global markets, with a possibility of the steepest economic downturn since the Great Depression, according to the International Monetary Fund. Given the current financial volatility, we have already seen layoffs, furloughs and reductions in work hours, with other difficult decisions ahead.
In this uncertain time, critical in these times of increased emotional and economic stress that can lead to increased insider threats – intentional or otherwise. In addition to internal communications plans, you do need to consider the possibility of insider attacks.
This means ensuring that employees who are no longer working with you have their access to your networks terminated and that current employees are aware of security best practices while working from home. But do not expect them to go it alone.
Make arrangements for a remote re-training session on the basics and if they need new or updated hardware or software to do their jobs properly – everything perhaps from a new antivirus program to a better router – it really is your responsibility as an employer to provide it.