In this context of global crisis caused by the Coronavirus or COVID-19 epidemic, cybersecurity threats are rapidly increasing in number and impact. Cybercriminals are taking advantage of this new situation and do not lack creativity to trap professionals and individuals.
Ransomware, phishing and other threats are gaining momentum, especially with all the risks linked to telework imposed in this situation of containment. For example, more than 5,000 malicious web pages have been identified addressing the subject of CoronaVirus / Covid-19 and taking advantage of the world population’s need for information and drawing it into all sorts of traps.
On the other hand, during these last days several attacks targeting local communities and health organizations have taken place. For groups of cybercriminals sometimes sponsored by governments, everything is good to take and each particular situation can present an opportunity to seize before the others. It should also be mentioned that cybercriminals are not afraid of temporary layoff and are above all very used to teleworking.
Thus, it is more than essential to increase the level of alertness and to take special precautions against these risks growing at a very rapid rate. Whether biological or computer-based, the first protection against a virus begins with “basic protective measures” that must be adopted.
In the following, we present a non-exhaustive list of good practices and attention points for both users and cybersecurity managers.
5 basic protective measures for users
Pay attention to fraudulent messages
Whether they are by email, SMS or phone, messages from unknown sources or hiding behind a trusted person or organization can reach you. Phishing remains the first attack vector to steal personal, professional or banking information. If you receive suspect messages, ignore them. Do not click on the links contained in these messages and do not open the attachments often containing malware.
Verify the reliability and reputation of the sites you visit
Due to the current crisis situation, a proliferation of false information sites or online sales of products in very high demand such as masks and hydroalcoholic gels has been noted. Obtain your information from official sources and trusted sites and do not give in to the temptation caused by unknown sites offering products related to the health crisis at unbeatable prices.
Download your applications on official publishers’ stores
Applications obtained outside official stores such as Google Play or App Store may contain malware that, once installed on your devices, may attempt to encrypt the content or steal your personal information.
Do not try to disable or bypass the security measures of your devices
Whether they are professional or personal, the devices you use are more than ever in need of protection against the upsurge of cybersecurity threats. Proxy, antivirus, IPS, VPN, DLP or other security measures can be deployed on your devices and disabling or bypassing them can present a considerable risk by exposing yourself directly. If a security solution installed on your professional computer slows you down or blocks you in your work, inform your IT support.
Watch out for fraudulent donation appeals
Appeals for donations to support against COVID-19 are increasing. Some may be scams set up for illegitimate fundraising or to retrieve banking information through unsecured sites. Be careful of where and how your funds will go and make sure that you are not being manipulated for purposes other than those announced.
5 attention points for cybersecurity managers
Establish and communicate a clear telework security policy
Assuming that external environments contain hostile threats, a security policy for telework activities should be developed and communicated to the company staff. It must take into account the fact that third parties can take control of the devices made available to users and try to exfiltrate data from them. Also, remote communications can be intercepted or altered. Finally, the impacts of compromising users’ devices on the entire information system and the risk of propagation must be taken into account.
Make sure of the security of the workstations that left the premises
Some companies authorized their employees to take workstations outside the offices in order to ensure the continuity of the activity in this particular context. However, these computers do not necessarily have the same security measures as deployed on laptops commonly used following a mobility strategy. In other words, workstations may not be secure enough for use outside the corporate network. Thus, an assessment of the risks related to this unsuitable use must be carried out in order to quickly identify the necessary and missing security measures for these devices.
Do not systematically favor the continuity of business activity at the expense of security
The decision is certainly not easy to make when it comes to making a choice between ensuring the continuity of business activities of the company and ensuring non-regression on the treatment of security risks. It is sometimes difficult to be able to decide where to place the security cursor. In a situation of general crisis, the decision may be harder to make and if some security measures can disrupt or slow down business activities, some security threats may stop them completely.
Strengthen security measures and stay informed on evolving threats
It is clear that in face of more threats, a high alertness must be respected. Security bulletins published regularly by publishers, researchers and monitoring organizations contain relevant information on the evolving cybersecurity landscape. You should remain informed about the identification of new vulnerabilities and the publication of patches to deploy or workarounds to implement. On the other hand, attacks on companies and public or private institutions can reveal new threats like ransomware that you have to protect yourself from.
The majority of attacks exploit human vulnerabilities before technical vulnerabilities. It is essential to make users aware of cybersecurity threats and keep them informed of new threats they may face. And as user habits have recently changed under the impact of general containment and the switch to telework with, on the other hand, a state of mind potentially weakened by the health crisis, users must constantly be aware that they can be the target of cyber criminals and must also have knowledge of attack techniques so as not to fall into the trap.