• Tim Martin

COVID19 Cybersecurity Risks: Shifting to a “work-from-home” model

Updated: Mar 31


Most companies are now transitioning to a “work-from-home” model. Overnight!


How do you protect your people (physically and emotionally)? Maintain performance? Retain customer confidence? Protect revenue? And, manage a changing technology environment?


A lot of moving parts create potential points of failure. Cybercriminals are taking advantage of this crisis and the hidden vulnerabilities from all the sudden change.


Unprecedented times require unprecedented change(s).


Below is Pillar’s latest Risk Bulletin associated with this current pandemic situation. And, some risks to be aware of as you’re adapting to all the change.


The current Novel Coronavirus pandemic that we are currently living through is creating many challenges to business operations and technology platforms.  It has also created opportunities for cyber-criminals to take advantage of the fear, distraction and change.  We’ve seen the criminals using a variety of methods to attack organizations.


The biggest challenge we see security teams struggling with is managing the change in their organization’s threat surface.  The shift to a “work-from-home” model is allowing organizations to execute their business continuity plan. Here are some hidden risks:

Ø Networks which traditionally have a handful of external locations are now managing.

potentially hundreds or thousands of uncontrolled end-point locations. These locations

have different configurations, security controls and network capacity. This can lead to the

following challenges:

o Managing the endpoint patching and vulnerability processes

o Creating new potential vulnerabilities by extending services such as Remote Desktop

services

o Introducing potentially unprotected (or loosely protected) connections from

employees home Wi-Fi networks. (For added firewall security, you and/or your

employees can download Sophos Home Free)

o Increasing risk for Denial of Service attacks on VPN’s which will impact the

effectiveness of the continuity plans

Ø Significant increases in Coronavirus specific “social engineering” attacks.  The criminals

are setting up thousands of fraudulent domains which sound similar to trusted organizations

like the World Health Organization, CDC and others.  This is allowing the criminals to

conduct COVID19 related phishing attacks and also spread misinformation.  The attackers

are utilizing bot networks to conduct searches for key phrases on sites such as “Corona”,

“Coronavirus”, “Pandemic”, “COVID19”

Ø Causing potential future issues related to controls compliance.  Many information

security regulations have specific controls, such as separation of duties.  The new working

model can create changes in these processes which can lead to audit violations in future

audits.

These risks can be effectively managed but will require a different approach.

· Information security and technology teams will need to monitor end-points as unique threat

surfaces and ensure that they are scanned, monitored and maintained as high-risk sites.

· Users will also need to be alerted to the increased risks of phishing scams and communicated

with as new threats occur.

· Take proactive measures to block bot network addresses at firewalls as they identify them.

· Think through your processes and coordinate with the Information Security Team and Auditor

to define new compensating controls to address compliance related process changes.


While “how” we work may change a bit (temporarily). “What” we do and “Why” we do it will never change.


We’ve always been 100% committed as your security partner. Today is no different!


If you're lacking confidence in maintaining security, we're here to help guide you through this unprecedented time.


Pillar Technology Partners

www.pillartechnologypartners.com

(678) 341-0808

0 views