COVID19 Cybersecurity Risks: Shifting to a “work-from-home” model
Most companies are now transitioning to a “work-from-home” model. Overnight!
How do you protect your people (physically and emotionally)? Maintain performance? Retain customer confidence? Protect revenue? And, manage a changing technology environment?
A lot of moving parts create potential points of failure. Cybercriminals are taking advantage of this crisis and the hidden vulnerabilities from all the sudden change.
Unprecedented times require unprecedented change(s).
Below is Pillar’s latest Risk Bulletin associated with this current pandemic situation. And, some risks to be aware of as you’re adapting to all the change.
The current Novel Coronavirus pandemic that we are currently living through is creating many challenges to business operations and technology platforms. It has also created opportunities for cyber-criminals to take advantage of the fear, distraction and change. We’ve seen the criminals using a variety of methods to attack organizations.
The biggest challenge we see security teams struggling with is managing the change in their organization’s threat surface. The shift to a “work-from-home” model is allowing organizations to execute their business continuity plan. Here are some hidden risks:
Ø Networks which traditionally have a handful of external locations are now managing.
potentially hundreds or thousands of uncontrolled end-point locations. These locations
have different configurations, security controls and network capacity. This can lead to the
o Managing the endpoint patching and vulnerability processes
o Creating new potential vulnerabilities by extending services such as Remote Desktop
o Introducing potentially unprotected (or loosely protected) connections from
employees home Wi-Fi networks. (For added firewall security, you and/or your
employees can download Sophos Home Free)
o Increasing risk for Denial of Service attacks on VPN’s which will impact the
effectiveness of the continuity plans
Ø Significant increases in Coronavirus specific “social engineering” attacks. The criminals
are setting up thousands of fraudulent domains which sound similar to trusted organizations
like the World Health Organization, CDC and others. This is allowing the criminals to
conduct COVID19 related phishing attacks and also spread misinformation. The attackers
are utilizing bot networks to conduct searches for key phrases on sites such as “Corona”,
“Coronavirus”, “Pandemic”, “COVID19”
Ø Causing potential future issues related to controls compliance. Many information
security regulations have specific controls, such as separation of duties. The new working
model can create changes in these processes which can lead to audit violations in future
These risks can be effectively managed but will require a different approach.
· Information security and technology teams will need to monitor end-points as unique threat
surfaces and ensure that they are scanned, monitored and maintained as high-risk sites.
· Users will also need to be alerted to the increased risks of phishing scams and communicated
with as new threats occur.
· Take proactive measures to block bot network addresses at firewalls as they identify them.
· Think through your processes and coordinate with the Information Security Team and Auditor
to define new compensating controls to address compliance related process changes.
While “how” we work may change a bit (temporarily). “What” we do and “Why” we do it will never change.
We’ve always been 100% committed as your security partner. Today is no different!
If you're lacking confidence in maintaining security, we're here to help guide you through this unprecedented time.
Pillar Technology Partners