The COVID-19 pandemic has driven home just how connected the world has become. The future of work is changing – remote working is becoming the norm and work itself has become more distributed, which means endpoints are too. Personal cyber-safety and security have become a growing concern, as a disparate workforce creates a greater attack surface for hackers to penetrate.
Digital distancing will play a catalyst role in mitigating the risk of cyberattacks during the COVID-19 pandemic.
An important part of digital distancing is to make sure that your work computer is only connected to a unique network in your home. All other personal devices – including your family’s – should not be using the same network. The networks and routers in your home need to be updated regularly, and each should use a sentence, rather than a single word, as its password.
Additionally, everything in your house – from your networks, including Virtual Private Networks (VPNs), to your applications and your operating systems on mobile phones and laptops – should be updated on a regular basis. Turn on the auto-update functions so you don’t forget.
We all need to appreciate the fact that every device needs some security on it. Every device, even a personal one and especially a Mac, is vulnerable to attack. Remote working essentially means that you are now being targeted at home, your family is targeted because of who you work for, and this could be the epicentre of a contagion that goes back into your corporate environment.
The Malware Threat
The COVID-19 pandemic has resulted in a global shift to working from home. This means we are currently going through the world’s biggest distribution of endpoints, which essentially creates a greater attack surface.
The current climate of uncertainty with the pandemic panic has also created a hotbed for cyber attackers. Threat actors tend to take advantage of the widespread desire to be informed and this is already happening with the Coronavirus. People and businesses who are already in a heightened state of emotion, and on overload with changes in all aspects of their lives, are now at risk from bad actors intent on stealing sensitive information, payment details and more, simply by using luring tactics that feature Coronavirus themed malware.
These tactics and attacks are not new. We are continuing to see phishing emails prevail as the means of initial access. We’ve seen a huge spike in masquerading, where attackers pretend to be an authorized user of a system in order to gain access to it. This is happening across the globe, even in Singapore. There is also a growing number of fake VPN clients and installers that are malware in disguise.
Individuals and businesses need to remember two key things – good cybersecurity hygiene and education. Educating your end users, family and friends should be a priority during this unsettling time.
Spotting Phishing Emails
Phishing remains one of the most common and effective means for an attacker to gain initial access to their victims’ environments. In fact, in our most recent Singapore Threat Report, phishing was the second prime cause of successful breaches.
Phishing is pervasive for one simple reason: it works. The vulnerability that makes an organization susceptible to phishing is its human users — who are also among the more difficult pieces in the security apparatus to “patch”. Since it is not feasible to stop these attacks by technical means, we must rely on the targets themselves — humans — to mitigate their effectiveness. Look out for the following factors in your emails to avoid being a target of phishing attackers:
- Poor grammar and misspelled words
- Requests for personal information, including payment information
- Requests for usernames and passwords
- Improper URLs hidden behind hyperlinks
- Broken links and images
- Sender’s email address and domain
- Other email recipients (are they familiar and relevant?)
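Two of the factors above, the sender's domain and URLs hidden behind hyperlinks, can also be checked mechanically. The following is an added example, not part of the original article: the names LinkCollector, host_of and check_email are hypothetical, the message is constructed, and comparing From with Reply-To is assumed here as one way to examine the sender's domain.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message; every address and domain is a placeholder.
SAMPLE = """\
From: "IT Helpdesk" <helpdesk@corp.example>
Reply-To: helpdesk@corp-support.test
Content-Type: text/html; charset="utf-8"

<p><a href="https://vpn.corp.example.downloads.test/setup">vpn.corp.example/setup</a></p>
<p><a href="https://intranet.corp.example/policy">Remote work policy</a></p>
"""

class LinkCollector(HTMLParser):  # collects (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._open = [], None  # _open is [href, text] while inside <a>
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._open = [(dict(attrs).get("href") or "").strip(), ""]
    def handle_data(self, data):
        if self._open:
            self._open[1] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._open:
            self.links.append((self._open[0], self._open[1].strip()))
            self._open = None

def host_of(value):
    """Host named by a URL or by link text like 'example.com/login'; '' if none."""
    if " " in value or "." not in value:
        return ""  # wording such as "Click here" names no host
    return (urlparse(value if "://" in value else "//" + value).hostname or "").removeprefix("www.")

def check_email(raw):
    """Findings for two checklist items: sender domain and hidden link targets."""
    msg, findings = message_from_string(raw), []
    sender, reply = (parseaddr(msg.get(h, ""))[1].rpartition("@")[2].lower() for h in ("From", "Reply-To"))
    if reply and reply != sender:
        findings.append(f"reply-to domain {reply} differs from sender {sender}")
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            collector = LinkCollector()
            collector.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
            for href, text in collector.links:
                if host_of(text) and host_of(text) != host_of(href):
                    findings.append(f"link shows {host_of(text)} but opens {host_of(href)}")
    return findings
```

A finding is a prompt for a closer look rather than a verdict: legitimate mail sometimes uses a different Reply-To domain or a tracking redirect, so the human checks in the list still apply.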
Cybersecurity Tips for Companies
As more and more employees are mandated to work from home, security and non-security professionals alike are left wondering what they can do to keep their data and systems safe. Here are seven tips to get you started:
- Steer clear of public Wi-Fi. While it’s true that most of us are socially isolating ourselves at home, it’s still important to remember to avoid public Wi-Fi networks if they are an option. These types of networks are much less secure and open you up to a whole host of vulnerabilities. Use personal networks, hot spots, or some way to encrypt your web connection whenever possible.
- Automatically push updates. Your security solution should be able to automatically push security and policy updates to your devices—regardless of whether they are on the corporate network. This includes updates to applications.
- Separate networks. If you have the technical acumen, put your laptop on one router network, and all other devices on a second. Additionally, you should be the only systems administrator on your network and all devices that connect to it.
- See what’s happening on your endpoints. As a security practitioner, it shouldn’t matter if devices are on or off the corporate network—you should be able to see what’s happening on them and spot abnormal behavior. Ensure your endpoint security solution gives you this type of granular visibility, on and offline.
- Educate your workforce. Make sure your employees know how to see and stop common attacks (like phishing). Due to the current climate, you may need to send out additional training or refreshers to help your workforce recognize potential threats.
- Update passwords frequently. Your employees should be changing their passwords every few months—this becomes more important than ever when they are off the corporate network. Additionally, update your router password—use a full sentence for maximum security.
- Two Factor Authentication (2FA). 2FA adds an additional step to the process of accessing critical data. The first step is a username and password, and the second step is additional verification (like a PIN or a push). Enabling 2FA ensures that the user logging in as an employee is truly who they say they are.
The cybersecurity equivalent to washing your hands for 20 seconds?
With COVID-19’s spread, there have been numerous recommendations from health authorities and experts that one of the best, first-level measures to help stop the spread of infection is to wash hands with soap and water thoroughly for 20 seconds.
In recent days, I’ve frequently heard the question: “What can I be doing RIGHT NOW to improve my security posture?” While that answer often depends on individual circumstances, here are three quick wins that everyone can be doing right now to make sure we are all “washing our hands”:
- Stay on Top of Patching & Regular Software Updates. Both individuals and organizations should stay abreast of the latest patches and updates from software vendors. Patches often resolve weaknesses and security vulnerabilities within products. Patching lessens the risk that a hacker can take advantage of a previously existing weakness. For organizations, IT Ops teams need to be able to patch and configure devices remotely. Security solutions should allow you to identify vulnerabilities, install patches and validate configuration remotely via the cloud, giving your team the confidence that every endpoint is up to date on the latest policies and secure.
- Use multi-factor authentication (MFA). Multi-factor authentication adds an additional step to the process of accessing critical data. The first step is a username and password, and the second step is additional verification (like a PIN or a push). MFA is becoming increasingly popular for many services we access daily. Enabling multi-factor authentication ensures that the user logging in as an employee is truly who they say they are. MFA also lessens the risk of poor password hygiene. Still, as a rule of thumb, passwords should be truly random, 16-character phrases that contain upper- and lower-case letters, numbers, and symbols.
- Leverage a VPN. With so many employees working remotely now, using a virtual private network (VPN) can help better secure your internet connection and keep private information private via encryption. Public WiFi can be a gamble as it only takes one malicious actor to cause damage.
As with any situation where infection is a possibility, a healthy amount of scepticism is always warranted. Be wary of emails coming from unknown sources, particularly if the requestor is asking you to click on a link or an attachment. When in doubt, pick up the phone and call someone to ask if their request is valid.