As the COVID-19 pandemic keeps on spreading far and wide, time is swiftly running out for people and organizations to get ready for the inescapable interruptions of an outbreak. Business Continuity and Disaster Recovery are two basic parts of a decent cybersecurity methodology. These plans guarantee that a business has the vital frameworks and systems set up to enable operational continuity during an emergency.
COVID-19 pandemic poses the risk of increased cyberattacks, such as phishing, ransomware and various malicious attacks. To address the challenges born out of a pandemic, organizations should update/review their existing business continuity and disaster recovery plans.
Following are the potential cyber risks that have surfaced after the birth of COVID-19, and their preventive measures to be considered
- Phishing attacks/websites preventive measures
Cybercriminals are leveraging coronavirus to intrude into organizations' systems by sending phishing emails pretending to contain information about the virus. These emails may contain malicious content that drops malware on to the victim’s computer.
An organization must create awareness to their employees about such attacks and ask them to verify the email sender address, not to clink the links and to report any suspicious acts to the cybersecurity personals immediately
- Risk’s associated with employees working from home:
As a part of Corona preventive measure, most of the organizations are allowing their employees to work from home.
Be vigilant of your home network
- Install firewalls and anti-malware software on all devices connected to a home network
- Install the latest updates and patches
- Proper AntiVirus software in place with latest updates
- Adhere to companies remote work policy
- Regularly backup your devices
- Change the Wi-Fi router passwords
- Do not use default passwords
- Don’t install apps that are not approved by the company, any non-essential apps or apps or games downloaded from suspicious sources
- Accessing sensitive data on public Wi-Fi??
It is no guarantee that all the employees working form will access the company’s information through a safe wireless network, some may tend to use insecure Wi-Fi networks to access corporate accounts. This scenario will leave cybercriminals a space to gain unauthorized access to your company’s sensitive data.
The only solution in such scenarios is not to disclose sensitive data on unknown public networks. Using SSL (Transport Layer Security) connections to set up a layer of encryption for all the communications will reduce the chances of vulnerability.
Do not choose to share your computer while connecting to a Public Wi-Fi
Employees can protect their login credentials even on public Wi-Fi by enabling the “Always Use HTTPS” option.
Use VPN for accessing the company’s resources
With VPN one can protect their network traffic with security tools deployed in infrastructure. Traffic from company-provided computers will be encrypted so no one in the middle will be able to intercept it.
Apart from the above-discussed risks and their preventive measures, the following checklist helps prepare to test and establish ways to maintain good cyber hygiene
Cybersecurity pandemic planning checklist
- Policies/ procedures: pandemic centric cybersecurity policies may be the same or need to be updated as per the new set of cyber-attacks and their consequences. Documentation on Cybersecurity operating procedures must be kept current.
- Cross-training and backup plan: organizations need to create a skills matrix of key cybersecurity personnel and their roles, and need to cross train them on handling events in case of emergency.
- IDS and IPS management: Make Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) both part of organizations' network infrastructure. IDS/IPS are configurable to help enforce internal security policies at the network level
- Co-ordinate with network vendors, including local access, internet access, and WAN services, to make sure the ongoing outbreak does not disrupt the network services
- Cybersecurity plans. Ensure the cybersecurity or information security plan is up to date and documented with all necessary data to respond to a cyberattack.
- Integrate a Zero Trust Architecture which helps to prevent unauthorized access, and reduce the risk of any hacker’s movement within your network.
- Security posture assessment: frequent security posture assessments help cybersecurity personnel’s to identify cybersecurity strength and resilience in relation to cyber-threats.
- To identify, analyze and mitigating a potential cyberattack. an Incident response plan helps IT staff detect, respond to, and recover from network security incidents such as cybercrime, data loss, and service outages