
COVID-19 Preparedness and Client Assistance





During these unprecedented times your organization is forced to adapt to a rapidly changing security environment. The rise in ransomware, phishing attempts and data breach events is a reminder of the importance of reevaluating your cybersecurity hygiene and risk management strategies, especially during the COVID-19 crisis, when hackers are finding more vulnerable targets than ever before. Please take a moment to review our special edition of COVID-19 Risk Management Guidance to help you navigate this crisis and protect your network and your private information from the increasingly hostile cyber-attack environment.


Crime and Social Engineering Threats on the Rise

There have been reports of increased criminal cyber activity as hackers seek to take advantage of the COVID-19 pandemic. With most employees suddenly working remotely, many companies have been forced to deploy new remote-access networks that hackers are seeking to exploit. There are many steps companies can take to secure these networks, such as using distinct usernames and passwords to access the network, requiring multifactor authentication, and using only known and trusted vendors.
The FBI has issued a Public Service Announcement that provides guidance to companies seeking to protect themselves from the increased cyber risks presented by a remote workforce.
The United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA), in conjunction with the United Kingdom's National Cyber Security Centre (NCSC), has issued guidance on this topic as well.


Cyber scammers are also taking advantage of anxieties related to the coronavirus to trick people into providing personal information or making monetary payments. These scams arrive by email or by voice telephone call. Scammers lure people in with fake communications that reference alluring news such as free virus testing kits or COVID-19 related financial relief, or that purport to be government communications concerning the pandemic. Exercise extra vigilance with any external communication concerning COVID-19, and make sure employees are trained to take precautions such as not clicking links or opening attachments in these emails, not responding to them, and not revealing any personal or financial information in response to any of these communications.

Phishing Attacks Increasing During COVID-19 Outbreak

According to the CDC (https://www.cdc.gov/media/phishing.html), there is at least one scam that sends emails pretending to be from the CDC with notices on infection-prevention techniques. The FCC has received reports of hoax text messages and robocalls offering free testing kits and false cures. The Treasury Department has issued a warning about fake emails and phone calls involving the payments under the CARES Act.
With the added personal stress of working from home, falling for a phishing email, text, or call is even easier. It is even more important to have proper risk management in place to protect your business.
Companies should adopt the following risk management practices to stop phishing attacks:
  1. Train your employees with a structured program that includes anti-phishing education, awareness campaigns and engaging tools
  2. 'Test' your people with a mock phishing campaign
  3. Use multifactor authentication and consider emerging passwordless technologies
  4. Train your people to trust but verify
  5. Monitor Results and Improve
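As an added illustration of the lure characteristics described above (this is example code, not part of the original guidance; the two sample messages, the agency-to-domain mapping and the keyword list are constructed), the following Python script checks an email for three signs common to the scams mentioned: a display name claiming a government agency while the sender domain is unrelated, link text that shows one site while the href points elsewhere or at a bare IP address, and urgency language that pressures the reader to act without verifying.

```python
"""Flag common indicators of a COVID-19 themed phishing email.

Added example; the sample messages, domains and keyword lists are constructed
for illustration and are not taken from the original guidance.
"""
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed mapping: if a display name claims to be one of these agencies,
# the sending domain is expected to be (a subdomain of) the listed domain.
CLAIMED_ORG_DOMAINS = {"cdc": "cdc.gov", "treasury": "treasury.gov", "irs": "irs.gov"}

# Words that pressure the reader to act without verifying (constructed list).
URGENCY_WORDS = ("urgent", "immediately", "suspended", "suspension", "within 24 hours")

ANCHOR_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
IPV4_RE = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")

# Constructed sample lure: claims to be the CDC, sent from an unrelated domain,
# and the visible link text does not match where the link actually goes.
SAMPLE_EMAIL = """\
From: "CDC Health Alert Network" <alerts@cdc-update-notice.example>
To: employee@company.example
Subject: URGENT: Updated COVID-19 infection-prevention guidance
Content-Type: text/html; charset=utf-8

<html><body>
<p>Please review the new guidance immediately to avoid account suspension.</p>
<p><a href="http://198.51.100.23/login">https://www.cdc.gov/coronavirus/guidance</a></p>
</body></html>
"""

# Constructed benign message for comparison.
BENIGN_EMAIL = """\
From: "IT Service Desk" <helpdesk@company.example>
To: employee@company.example
Subject: Reminder: restart your laptop this week so patches apply
Content-Type: text/plain; charset=utf-8

Please restart your laptop before Friday so this month's updates take effect.
"""


def _domain_matches(host, expected):
    host = host.lower()
    return host == expected or host.endswith("." + expected)


def _host_of(url):
    return (urlparse(url).hostname or "").lower()


def phishing_indicators(raw_message):
    """Return a list of human-readable findings for the given RFC 822 text."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []

    # 1. Display name claims an agency but the address domain does not match.
    display_name, address = parseaddr(msg.get("From", ""))
    sender_domain = address.rsplit("@", 1)[-1].lower() if "@" in address else ""
    name_words = set(re.findall(r"[a-z]+", display_name.lower()))
    for org, expected in CLAIMED_ORG_DOMAINS.items():
        if org in name_words and not _domain_matches(sender_domain, expected):
            findings.append(f"display name claims '{org.upper()}' but sender domain is '{sender_domain}'")

    # 2. Links whose visible text disagrees with the real target, or bare-IP targets.
    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body is not None else ""
    for href, visible in ANCHOR_RE.findall(text):
        visible = re.sub(r"<[^>]+>", "", visible).strip()
        href_host = _host_of(href)
        if IPV4_RE.match(href_host):
            findings.append(f"link points at a bare IP address: {href_host}")
        if visible.lower().startswith(("http://", "https://")):
            shown_host = _host_of(visible)
            if shown_host and shown_host != href_host:
                findings.append(f"link text shows '{shown_host}' but href goes to '{href_host}'")

    # 3. Urgency language in the subject or body.
    haystack = (msg.get("Subject", "") + " " + re.sub(r"<[^>]+>", " ", text)).lower()
    hits = [w for w in URGENCY_WORDS if w in haystack]
    if hits:
        findings.append("urgency language: " + ", ".join(hits))
    return findings


if __name__ == "__main__":
    for label, raw in (("lure", SAMPLE_EMAIL), ("benign", BENIGN_EMAIL)):
        print(label, phishing_indicators(raw) or "no indicators")
```

The checks are deliberately header- and content-based so they can run on a message exported from a mailbox without network access; in an awareness program they double as the concrete things to teach employees to look at before clicking.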


Teleworking Increases Your Risk of an Event – Protect Yourself!

Several government organizations, such as the Department of Homeland Security and the FBI, have issued warnings that threat actors will exploit vulnerabilities inherent in teleworking. Further, many cybersecurity firms such as FireEye and CrowdStrike have reported increases in ransomware attacks, credential theft, and exploitation of unprotected Wi-Fi connections or teleworking applications and software. Learn how to protect yourself with the following best practices:

Using Secure Wi-Fi Connections
  • Employees should access the company network from a private Wi-Fi network.
  • Train teleworkers to configure home Wi-Fi routers securely, for example:
    • The router's administrative password is changed from the default to a complex password.
    • The home Wi-Fi uses WPA2 or WPA3 encryption.
    • The network name (SSID) is changed to something that does not easily identify the person's network, or SSID broadcasting is turned off.
    • Access to the home Wi-Fi is restricted.
Keep Systems Updated (patched)
  • Ensure the teams responsible for system patching and updates maintain patching on a regular schedule.
  • Prioritize identifying and deploying software updates for applications used heavily in teleworking that could be exploited, such as those frequently issued by Microsoft.
  • Where appropriate, turn on automatic software updates from software providers.
  • Remind employees to regularly shut down and restart their machines so that patches are applied in a timely manner.
  • Increase the frequency of vulnerability scanning to validate that remotely connected machines are updated and patched properly.
Establishing a VPN
  • Any connection to the company network from outside the organization should be through an established VPN connection where each user is assigned a unique username and password. Multifactor authentication should also be deployed to ensure proper authentication of access.
  • Do not use RDP (Remote Desktop Protocol) as a method for remote access. Threat actors commonly exploit this protocol to gain access to the company's network.
  • Ensure proper firewall configurations for remote access, deploying the narrowest rules possible. Use a port scanner or other available tools to validate that the configuration operates as intended.
  • Ensure VPN and other remote-access logs are collected and monitored.
Access Management
  • Implement least privilege for all remote workers' access to the company network and applications.
  • Terminate user access for furloughed or laid-off workers.
  • Provide employees with specific ways to contact the company's Help Desk, and strengthen the Help Desk's user-verification process before resetting passwords, assisting with remote connections, or downloading applications. The Help Desk should have a list of terminated or furloughed employees and of company-approved applications.
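As an added example of the monitoring called for in the VPN bullets above (collect and monitor remote-access logs, require MFA) and the terminated-account bullet in this section, this Python script reviews VPN authentication logs for password-guessing patterns, successful logins without MFA, and successful logins by accounts on the Help Desk's terminated list. It is example code, not from the original guidance or any vendor; the log line format, account names, addresses and failure threshold are all constructed.

```python
"""Review VPN access logs for the conditions the guidance calls out.

Added example; the log format, usernames, addresses and thresholds below are
constructed for illustration and do not come from the original guidance.
"""
import re
from collections import defaultdict
from datetime import datetime

# Constructed log format: one line per authentication attempt.
LOG_LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) user=(?P<user>\S+) src=(?P<src>\S+) "
    r"result=(?P<result>success|failure) mfa=(?P<mfa>yes|no)$"
)

# Constructed: accounts the Help Desk list says are furloughed or terminated.
TERMINATED_USERS = {"carol"}

FAILURE_THRESHOLD = 5  # failures per (user, source) before an alert is raised

# Constructed sample log: one normal login, a guessing run that eventually
# succeeds without MFA, a terminated account logging in, and a no-MFA login.
SAMPLE_LOG = """\
2020-04-06T08:02:11Z vpn1 user=alice src=203.0.113.10 result=success mfa=yes
2020-04-06T08:03:05Z vpn1 user=bob src=198.51.100.7 result=failure mfa=no
2020-04-06T08:03:09Z vpn1 user=bob src=198.51.100.7 result=failure mfa=no
2020-04-06T08:03:14Z vpn1 user=bob src=198.51.100.7 result=failure mfa=no
2020-04-06T08:03:20Z vpn1 user=bob src=198.51.100.7 result=failure mfa=no
2020-04-06T08:03:27Z vpn1 user=bob src=198.51.100.7 result=failure mfa=no
2020-04-06T08:03:40Z vpn1 user=bob src=198.51.100.7 result=success mfa=no
2020-04-06T08:10:52Z vpn1 user=carol src=192.0.2.44 result=success mfa=yes
2020-04-06T08:15:03Z vpn1 user=dave src=203.0.113.77 result=success mfa=no
"""


def parse_log(text):
    """Return (events, malformed_count); malformed lines are skipped, not fatal."""
    events, malformed = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        m = LOG_LINE_RE.match(line)
        if not m:
            malformed += 1
            continue
        ev = m.groupdict()
        ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(ev)
    return events, malformed


def review_vpn_log(text):
    """Return a list of (severity, message) alerts for the log text."""
    events, malformed = parse_log(text)
    alerts = []
    failures = defaultdict(int)  # (user, src) -> failures since last success

    for ev in events:
        key = (ev["user"], ev["src"])
        when = ev["ts"].isoformat()
        who = f"{ev['user']} from {ev['src']}"
        if ev["result"] == "failure":
            failures[key] += 1
            if failures[key] == FAILURE_THRESHOLD:
                alerts.append(("medium", f"{when} {who}: {FAILURE_THRESHOLD} failed logins"))
            continue
        # A success after a run of failures is the classic password-guessing signature.
        if failures[key] >= FAILURE_THRESHOLD:
            alerts.append(("high", f"{when} {who}: success after {failures[key]} failures (possible password guessing)"))
        failures[key] = 0
        if ev["user"] in TERMINATED_USERS:
            alerts.append(("high", f"{when} {who}: terminated account {ev['user']} logged in"))
        if ev["mfa"] != "yes":
            alerts.append(("medium", f"{when} {who}: login without MFA"))

    if malformed:
        alerts.append(("low", f"{malformed} malformed log line(s) skipped"))
    return alerts


if __name__ == "__main__":
    for severity, message in review_vpn_log(SAMPLE_LOG):
        print(f"[{severity}] {message}")
```

The terminated-account check is only as good as the list it is fed, which is the reason the guidance wants the Help Desk's terminated and furloughed list kept current; wiring this script to that list (rather than a hard-coded set) is the obvious production change.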
Confirm Teleworking/Communication Application software is safe
  • Select and whitelist only teleworking and telecommunication software approved by corporate IT security.
  • Employees using BYOD to connect to a company network should be instructed to use only company-approved operating systems, web browsers, and software versions.
  • Monitor the vulnerabilities of third-party remote access service providers through the use of security ratings platforms such as BitSight or SecurityScorecard.
  • If you use Office 365, implement the best practices for remote email access recommended by Microsoft.
Other items to consider
  • Maintain an inventory of all company assets, such as laptops and workstations, deployed to employees during temporary telework programs so that they can be properly accounted for when returned.
  • Ensure all mobile devices have a Mobile Device Management (MDM) solution that provides remote disabling capability if the device is lost or stolen.
  • Ensure all company devices have the most recent version of approved software and can receive remotely deployed patches and updates as necessary.
  • Prohibit the use of free online email and messaging services.
  • Review and update your incident response plan, including contact names and numbers, to account for changes in key internal and vendor contacts.
For more information, see the recently published NetDiligence tips, COVID-19: Rising Cybersecurity Threats, at: https://netdiligence.com/wp-content/uploads/2020/04/NetD_COVID-19_Rising_Cybersecurity_Threats_040920.pdf

Additional Resources

Government agencies have posted alerts concerning these scams, including the FCC, the FTC, the CDC, DHS CISA and the FBI (links below), which share numerous examples of the broad range of scams that companies should be on the lookout for.
FCC - https://www.fcc.gov/covid-scams
FTC - https://www.consumer.ftc.gov/blog/2020/04/scammers-are-using-covid-19-messages-scam-people
CDC - https://www.cdc.gov/media/phishing.html
CISA - https://www.us-cert.gov/ncas/current-activity/2020/03/06/defending-against-covid-19-cyber-scams
DHS CISA - https://www.us-cert.gov/ncas/alerts/aa20-099a
FBI - https://www.ic3.gov/media/2020/200320.aspx