While the COVID-19 pandemic is first and foremost a health and humanitarian crisis, there’s a massive business impact which is challenging our cybersecurity world. (SITREP: Cybersecurity Risks Related to COVID-19 (PDF)).While many organizations may have some form of remote working environment, it’s possible most have never conducted a full remote worker business continuity test, much less developed the culture, technology, communication and policies that will have to work together nearly simultaneously in today’s global context. As you might expect, adversaries are seizing the day to try to disrupt enterprises which may be already struggling to maintain operational continuity in the rush to work from home.
While necessary and important in these difficult times, working from home creates an attractive proposition for threat actors to step up social engineering campaigns. Malicious actors are taking advantage of workers being comfortable in their homes by conducting phishing, ransomware, business e-mail compromise—especially using keyword lures associated with coronavirus or related current events. (SITREP: Cybersecurity Risks Related to COVID-19 (PDF)).
In an environment where reliable information is scarce, there seems to be no end to the opportunism of the cybercriminal. More than 16,000 coronavirus-related domains have been registered since January, 2020. Although not all represent a threat, many of these sites are suspected to support a wide range of malicious activity, including credential harvesting, carding fraud and malware installation. COVID-19 domains are reportedly 50 percent more likely to be fraudulent than other domains. And just like the virus, cyber activities have sprung up from threat groups operating out of multiple locations across the world, including Russia, Iran, North Korea, Vietnam and Pakistan.
So, how can you help protect the safety and security of your people, and the data and technology they need to work from home? And how can we all better manage the “new normal” threat landscape?
Protect your people
Just like hand-washing and social distancing, protecting people and the business can be reinforced through regular, consistent, and clear communications. Stressed people tend to make bad decisions, so helping them feel safe and secure and communicating on both emotional and rational levels can be useful in winning “hearts and minds.” Reminders about strong authentication on all devices should be coupled with support—preferably, a single point of contact for reliable information. For example, in Accenture we hold one-on-one conversations with security team members and have built a virtual crisis management “war room” to quickly disseminate information.
Here’s some other ways you can help your people to protect themselves from work-from-home vulnerabilities:
While fake news and phishing are very real threats, you can give your people reliable sources of information and discourage the use of spoofed URLs. The U.S. Department of Homeland Security recommends sites such as the Cybersecurity and Infrastructure Security website or the Cyber Readiness Institute quick guide, Securing a Remote Workforce.
Remember that you can also include good communication outside your own four walls. It’s important to collaborate with vendor partners on security and continuity of operations. As Accenture’s Third Annual State of Cyber Resilience research found this year, 40 percent of security breaches are now indirect as threat actors target the weak links in the supply chain or business ecosystem.
Ask the right questions
The job of security chiefs is difficult enough but when hundreds or thousands of employees suddenly stop commuting into the office and start logging in from anywhere, they can be faced with a whole new ball game. Like every good back-to-basics security program, there are four fundamental questions executives should address:
In such a climate, health and safety clearly comes first. Securing the continuity of operations has taken on a whole new dimension—it should include culture, communication, policies and technology. And, as the coronavirus has shown us, you can never be too prepared. I invite you to take a look at the latest Accenture Security report, “SITREP: Cybersecurity Risks Related to COVID-19,”—and please do stay safe.
¹ Accenture iDefense, proprietary data and analysis; Accenture Threat Intelligence Service platform