COVID-19: The cyber criminals new virus
By Rob Russell, Cyber-Security Specialist
1 April 2020
For many, homeworking is nothing new. A study conducted in January this year found that 68% of UK businesses already offer a flexible workspace policy. Two months and a highly contagious and volatile global virus outbreak later, every employee who is now able to work from home is doing exactly that. However, as employees around the world adapt to this new way of working, so too are the cyber criminals. Fraudsters were quick to take advantage of workplace disruption and in February, the National Fraud Intelligence Bureau identified a significant number of fraud where Coronavirus was mentioned, with victim losses totalling over £800,000.
In response to this, GCI held a webinar to provide practical advice on how to be more resilient to cyber-attacks while working from home. The webinar included the following steps:
The most successful phishing campaigns play on emotions and concerns. With the UK now on lockdown and many working from home, the emotions and concerns of the nation couldn’t be higher. For this reason, the National Cyber Security Centre (NCSC) issued a stark warning for organisations, urging them to re-assess their security strategies as criminals continue to capitalise on the widespread panic of Covid-19. Businesses must put cyber security and phishing awareness high on their agenda.
Multi-factor Authentication (MFA)
Hostile actors are harder to identify when your employees are remote working and coupled with changes to connectivity, conditional access such as Multi-factor Authentication (MFA) needs serious consideration.
Virtual Private Networks (VPN)
A VPN provides an encrypted channel that allows employees to access your company’s digital resources. Using a VPN reduces overhead from a configuration perspective as the users become ‘on-net’. Without the use of a VPN, you potentially open up corporate networks and digital assets to infection. Special attention to the benefit vs latency also needs to be considered as the vast shift to home working has many broadband providers struggling to provide the bandwidth required.
Many antivirus solutions work on a list-based system and this means that when a new threat is discovered, its unique identity is added to a universal global threat report, such as Virus Total. An analogy I use to explain list-based AV solutions is a “bouncer” securing the entrance of a nightclub. In many cases, he/she will have a guest list, but there is usually another list of people who are “known” for bad or anti-social behaviour, frequently accompanied by headshots and thus making them easy to identify and refuse entry. For this reason, it’s important to update your AV regularly. However, AV is not effective when it comes to spotting threats that haven’t been seen before or “Zero Day” threats. Therefore, it’s important to review your solutions regularly as many of the latest antivirus and antimalware technologies now use Artificial intelligence (AI) and Machine Learning (ML) which in some cases, can inspect over 6,000 features and characteristics of a file before it’s even executed.
Secure WiFi and Routers
While your employees are working from home, their home routers become your corporate edge defense. Your employees must check that these routers are secure and up to date. Users can check the firmware is up to date by referencing the vendor/ISP website. It’s also important that default usernames and passwords are replaced by strong unique passwords or even better, passphrases (E.g. ‘My favorite car is a Ferrari #355’ can be made into passphrase ’MfciaF#355’). Other things to consider include:
- Is WPA in use and non-default SSID/pre-shared key?
- Is the router’s firewall enabled (if available)?
- Who else has access to the network?
- Operating system firewalls should also be enabled due to the untrusted nature of a home network
Last but not least, updates. Your cyber security arsenal, including the above, is only as effective as how regularly it is being patched and updated. Updating and patching is essential preventative maintenance and unpatched software is a magnet for malware. It’s a known fact that in 2020, 70% of successful cyber-attacks exploited known vulnerabilities and 60% of breaches over the past two years were attributable to unpatched software, with 34% of companies knowing about the vulnerability in advance of the attack but simply didn’t get around to dealing with the problem*.
To access the webinar and learn about the steps above in more detail, click here
Over the past few weeks, our nation has seen firsthand how effective our government’s advice has been at slowing the spread of the Covid-19 virus, with measures such as washing our hands for 20+ seconds regularly, not touching public surfaces and keeping two metres apart from people outside your household.
Computer viruses can spread just as quickly as human viruses but taking the steps above will increase your resilience and strengthen your defenses to cyber criminals looking to exploit your workforce in these challenging times.