Everywhere you look things are not the same. A global pandemic impacts everything about who we are, how we interact, how we work, where we're working from, and even literally down to how we should be protecting our computer systems. We're told this is the "new normal", but nothing seems normal about it at all.Stepping back, it's interesting how we as a society have responded to this crisis. The term "social distancing", once unknown, has become the norm.
Similarly, the term "Business Continuity" has taken on a completely different view. As far as cybersecurity goes, we used to say it's not if you're going to be hit, but when. And similar to how the pandemic has become a wake up call for businesses in regards to their approach to business continuity, it should also be a wake up call for their approach to protecting themselves from the cybersecurity threat.
With more and more knowledge workers working remotely (let alone on their own personal computers), the cybersecurity landscape has changed dramatically over the last few weeks - and not in a good way. The network that was once easily controlled and protected within the four walls of your office has now been spread out across an almost uncontrollable landscape.
Failure points abound - again, especially with how many businesses are leveraging their staffs' own personal home computers. In this case, here are some simple questions to ponder:
- How are these machines being patched?
- Are they being patched?
- Do they have adequate anti-virus protection on them? Are they kept current?
- Are they connecting to your office via a VPN (a Virtual Private Network)?
- Are all of your network resources protected with Dual-Factor Authentication
- What other machines are on their home network?
- Is their home network secure?
- Is their home wireless access point secure?
And these are just some of the questions that run through the mind of a network security professional managing this pandemic cybersecurity landscape!
When considering how to secure all of your remote end points, it's critical to note that the mere fact that computing resources that you don't control are being utilized to access your systems and data that you do - and are responsible for. This alone creates a myriad of issues. And one of the main issues relates to one of the main failure points when it comes to cybersecurity - the human factor.
People fall for things. And scams abound. And it's difficult to protect your data and your network when it's someone else's machine located outside the four walls of your office. But this doesn't mean you can't nor shouldn't. It's your network. It's your data. It's your responsibility to protect it all.
To better understand why we need to look at securing your technology differently and how it's more critical than ever in this "new normal", here are a couple of the recent threats out there:
CORONAVIRUS IS EVERYWHERE, SO ARE NEW CYBERSECURITY THREATS
Global recession, disrupted supply chains, and remote work forces aren’t the only immediate effects of the coronavirus pandemic. It has become an enabler for next-gen cybersecurity threats, unfolding in the form of phishing and spear-phishing campaigns, malware, and COVID-19 themed domains. Data from Check Point’s January Global Threat Index report indicates over 4,000 coronavirus-related domains were registered across the globe since January.
The Malware Hunter Team, anti-malware researchers, and creators of ID Ransomware have been actively uncovering a string of malicious attacks disguised in PDFs and email attachments, masked under names and logos of trusted organizations such as WHO and U.S. CDC alerts targeted at users. WHO issued an advisory about malicious emails and phishing campaigns to bait users to give sensitive information. Earlier this month, Sophos, a leader in next-gen cybersecurity uncovered the ‘safety measures’ phishing scam against Covid-19. The phishers created a fake website, emulating WHO and was running with a pop-up, asking for email details.
The threats landscape has never looked more complex, and the health crisis has given rise to corona phishing, as outlined by security firm Kaspersky, to gain email credentials. Phishing is the act of tricking users into sharing sensitive information such as passwords, login credentials, and even credit card keys. Riding on the fear of pandemic, bad actors are leveraging malicious emails from convincing domains for users’ credentials and financial information.
phishing attacks use coronavirus outbreak to trick victims
News reports indicate threat actors are taking advantage of the coronavirus outbreak in new phishing email campaigns.
Threat actors are using public fear to increase the likelihood that users will click on a link or open an attachment.
In one campaign, the phishing email reportedly impersonates the U.S. Centers for Disease Control and Prevention, warning of new infections and promising to provide a list of active infections in the surrounding area if users click on a link. Other phishing emails ask recipients to open an attachment to view safety measures regarding the spread of the virus.
As this latest attack method demonstrates, phishing campaigns are continuously evolving. It is becoming increasingly difficult to identify malicious emails. This incident provides a good opportunity for reminding staff to:
- Be suspicious of any emails that urge you to take action and try to create a sense of urgency.
- Never click on links or open attachments without first making sure the request is authentic.
- Call the sender by looking up their phone number independently.
- Never call a phone number included in a suspicious email or reply to the sender.
If you receive a suspicious email at work, please contact your information technology (IT) security staff immediately.
ZOOM CAUGHT IN CYBERSECURITY DEBATE
Over the past few weeks, the use of Zoom video conferencing software has exploded ever since it emerged the platform of choice to host everything from cabinet meetings to yoga classes amidst the ongoing coronavirus outbreak and work from home became the new normal.
The app has skyrocketed to 200 million daily users from an average of 10 million in December — along with a 535 percent increase in daily traffic to its download page in the last month — but it's also seen a massive uptick in Zoom's problems, all of which stem from sloppy design practices and poor security implementations.
Zoom's rapid sudden ascendance as a critical communications service has led to it drowning in a sea of privacy and security flaws.
- Zoom's iOS app, like many apps using Facebook SDK, was found sending analytics data to the social network even if the user doesn't have a linked Facebook account. Later, it removed the feature.
- Researchers discovered a flaw in Zoom's Windows app that made it vulnerable to UNC path injection' vulnerability that could allow remote attackers to steal victims' Windows login credentials and even execute arbitrary commands on their systems. A patch was issued on April 2 to address this flaw along with two other bugs that allow bad actors to gain root privileges and access the mic and camera on macOS, thereby allowing for a way to record Zoom meetings.
- Vice revealed that Zoom is leaking thousands of users' email addresses and photos, and letting strangers try to initiate calls with each other. That's because users with the same domain name in their email address (non-standard email providers that are not Gmail, Outlook, Hotmail, or Yahoo!) are being grouped together as if they work for the same company. Zoom blacklisted these domains.
To give credit where it's due, Zoom largely responded to these disclosures swiftly and transparently, and it has already patched a number of issues highlighted by the security community.
Here’s an upside of the outbreak — remote work will become the new normal. The pandemic will significantly reshape how global enterprises work and accelerate long-term acceptance of remote work policies. At the same time, cybersecurity threats in 2020 are completely new and have emerged as a side-effect of the pandemic. Additionally, cybercrime has become a threat to governments, with reports highlighting a spike in financially-motivated cyber crimes across the globe. As attackers become more sophisticated, causing massive damage in a short period of time, organizations need to proactively implement agile security solutions to prevent breaches.
A valuable lesson for executives is to now assess the high-priority risks and put in place effective controls to tackle these new threats as soon as possible.
How have you secured your new, remote workforce? Do you have a Work From Home or Telecommuting Policy in place? What are the minimums you require to allow your staff to work from home on their own home computers? Please share your thoughts in the Comment box below or shoot me an email if you'd like to chat about this in more detail.