As the COVID-19 pandemic has left us distracted, disorientated, and increasingly reliant on digital infrastructure, cybercriminals are using the disruption to their advantage. As remote working and virtual learning became the norm and online shopping soared, hackers were taking the opportunity to exploit our vulnerabilities through their malicious activities.
The United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) issued a joint alert in April 2020, highlighting an increase in COVID-19-related malicious activity. In particular, hospital systems, healthcare organizations, and academic institutions were a prime target of cybercrime due to the high value of scientific and health data.
Preparation is key when it comes to defending against cyberattacks, so what can you do to protect yourself and your business?
Cybercriminals Launch Targeted Attacks
By taking advantage of our need for Coronavirus-related information, cyberhackers have launched targeted attacks. As the publics’ fears grew, so did their vulnerability to coronavirus-related scams, including malicious domains, malware, ransomware, and phishing emails. Some cybercriminals may even imitate authority organizations in their attempts to exploit their target.
Hackers have also adjusted their approach, allowing them to target the exponential rise in remote working. With the remote workforce relying heavily on collaboration software to maintain productivity, this is susceptible to attack. Businesses with no previous experience of remote working remain particularly vulnerable to cyber exploitation.
Building a Safe Perimeter for Remote Working
With COVID vaccination programs currently being rolled out globally, an end to the devastating pandemic may be on the horizon. However, remote working is likely to persist, at least for some time. Indeed, many businesses may consider employing a remote workforce moving forwards, or even a flexible ‘hybrid model’. Remote working brings a unique set of cybersecurity risks and challenges. So, with this in mind, what specific measures can you take to ensure the cybersecurity of your remote workforce?
- Secure personal internet connections
Ensure that your employees’ home WiFi connections are secure, protected by a robust, unique password and that they have enabled a minimum of WPA2 network encryption.
- Use Multi-factor authentication and strong passwords
It is good practice to always use strong, unique, and secure passwords when working from home. The security of your infrastructure can be further increased by implementing multi-factor authentication when accessing business networks or cloud-based services.
- Use comprehensive antivirus software
Businesses should invest in a comprehensive internet security suite to ensure that their infrastructure is adequately protected against malware attacks, phishing, viruses, and spyware. Security Software that is regularly updated provides an excellent first line of defense against known malware and security threats.
- Pay careful attention to the use of collaborative tools
With collaborative video conferencing applications, such as Zoom, being targeted for attack, their use should be closely monitored. To optimize the security of these applications, users should use multi-factor authentication to access the platform, and password-protected waiting rooms, restrict screen sharing, keep meeting links secure and monitor participation.
- Implement a Software-Defined Perimeter (SDP)
As a minimum you should implement a peer-to-peer VPN setup, this hardware or software-defined tool encrypts network traffic between the user and the destination. Although VPN is a proven and robust technology, trusted by many businesses around the globe, the technology is not bulletproof and there are better alternatives out there, such as Software Defined Perimeter (SDP), which creates a secure and untraceable interconnect between the source and the destination. SDP is protected by KMS authentication and only works on pre-authenticated devices, such as a corporate laptop.
- Regulatory Compliance
Ensuring adherence to compliance policies and procedures is key. Oftentimes these controls with regulatory compliance like HIPAA, HITECH, and PCI are designed to help organizations proactively ensure a working work-frame to offset any breaches. Healthcare organizations, for instance, have to not only stay compliant to protect their critical patient records and data but also make sure that even developing any telemedicine application takes into consideration all the best practices.
Stepping Up Your Cybersecurity
Even if remote working is not currently part of your business strategy, there are many measures that you can take to optimize your cybersecurity:
- Make sure security training is up-to-date
The best approach when defending against cyber attacks is to make sure that all of your employees have received adequate security hygiene training. Staff should be educated about cybersecurity risks and how to mitigate them, ensuring that remote workers are aware of the specific risks associated with working off-site. You should keep staff informed of the latest malicious threats and advise on how to identify and respond to these. Trusted resources should always be used for accessing up-to-date information.
- Regularly audit cybersecurity measures
Businesses should regularly evaluate the cybersecurity measures that they implement to protect themselves, ensuring that these are suitable to defend against the current threat level. This will generally include scheduled software patches and updates and the analysis of employee network connections and endpoints. It is crucial that organizations have a robust business continuity plan in place, with regular data backups and disaster recovery measures in place.
- Deploy proactive threat monitoring
Deploying cybersecurity threat monitoring to detect data breaches and cyber threats in their early stages, allows businesses to mitigate the damage of such threats. This type of proactive monitoring can be carried out at both the network and endpoint level, using monitoring tools such as Intrusion Prevention System (IPS) or Endpoint Detection and Response (EDR).
- Consider using a Managed Service model
Many businesses are seeking to shift from using an in-house cybersecurity team to employing the services of a Managed Service Provider in an attempt to deal with the increased threat of attack. As many organizations look to adopt a cloud-based infrastructure, the security of these environments should be carefully managed by highly skilled personnel.
You should look to partner with a leading dedicated hosting provider possessing the skill and technology to match the current cybersecurity landscape and to address compliance requirements.
As the COVID-19 pandemic continues to create novel and complex cybersecurity challenges for your business, you should take a proactive approach to ensure your organization is ready to defend itself. By following the suggestions discussed in this article and identifying a leading cybersecurity partner, your business will be in a strong position to face the threats ahead.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.