Although the new disruptive COVID-19 reality, with all the challenges it brings we should not forget about maintaining a strong Cyber Security posture. I would argue that active vigilance is required.
Cybercriminals are targeting our fears and uncertainty around COVID-19. Therefore, its useful to have basic knowledge of how to avoid being duped so you can adequately defend your digital assets. Furthermore, business leaders have are responsible for defining their security risk management strategy in this new work environment. The new remote collaboration model suggest they should revisit their policies and technologies to ensure that employees can work remotely with security.
CORONAVIRUS PANDEMIC CONTINUES:
The impact of Coronavirus pandemic is of course far-reaching as we continue to rely heavily on digital tools. That makes for ripe opportunities for Cybercriminals, which translates to an increase in the number of cyber-attacks. The Cyber Security Team of Connectis Group we’ve seen a rise in the outbreak of opportunistic cyber scams. Cyber attackers are sending thousands of emails with malicious attachments or links to fraudulent websites. These communications designed to trick victims by accessing their sensitive information or by availing donations impersonating as legitimate charities or causes. Recently, a wave of 5,500 infections of just two strains of malware was received in COVID-19 themed emails during office hours. These attacks are used to steal browsing history, cookies, ID/passwords, crypto currency and more. It can also download additional malware onto infected machines. Also, there have been multiple reported cases of malicious COVID-19 related Android applications that enable attackers access to smartphone data or encrypt devices for ransom. The global pandemic has also led to the creation of more than 100,000 new COVID-19 web domains. Cyber actors have even begun to use coronavirus maps as bait to steal our sensitive digital data and information.
In my over 20 years’ experience in cyber-security, I’ve never seen this volume of phishing- we’re literally seeing phishing messages in every known language. I worry about the cyber-attacks that could potentially impact medical facilities and other frontline responders to the pandemic. It could be devastating.
KNOW THESE CYBER BASICS WHILE WORKING AT HOME:
Attackers know companies’ employees are working remotely. They also know that the security measures for home network services are not as durable as in the corporate environment. They also seem to leverage the lack of uniformity across the organization in terms of technologies, corporate security policies, as well as implementation. Generally, the companies fail to ensure all corporate-owned or corporate-managed devices have the exact same security features, regardless of whether they’re connected to an enterprise network or a home WiFi network.
We’re cautioning clients regarding Covid-19 themed emails, attachments, or hyperlinks, and social media pleas, texts, or calls related to Covid-19. Everyone should be certain of clicking on authentic links and opening attachments only from trusted sources. Also, one should carefully review the URL before clicking on a link/button, being mindful of look alike domain names as well as spelling errors.
CONDUCT VULNERABILITY RISK ASSESSMENT AND PENETRATION TESTING:
Both business leaders and individual employees have critical roles and responsibilities in securing their organization and in ensuring that cyber-attacks do not further compound the already disrupted work environment.
Just as addressing the COVID-19 pandemic requires changing our social habits and routines to impede infection rates, a change in our online behavior can help maintain high levels of cybersecurity. As cyber security expert, we strongly recommend we run a Vulnerability Risk Assessment and Penetration Test for your entire IT infrastructure and Software Applications to protect your digital assets from cyber attackers. Clients must understand the difference between Vulnerability Scans and Penetration Testing. Both the processes are critical to a comprehensive security strategy and serve essential functions for protecting a networked environment.
MITIGATE THE RISK OF A SECURITY INCIDENT:
To mitigate the risk of a security incident, you need to be able to prevent, detect, respond, and recover from such attacks. Connectis Group can help you prevent many attacks by making sure we remediate all known software vulnerabilities and performing regular security assessments to identify possible unknown vulnerabilities. We combine both Vulnerability Assessment and Penetration Testing (VAPT) methods. This combination helps us deliver a full list of the flaws found, along with a measurement of the risk posed by each defect in your security. Our team of experts has developed methodologies for scanning, which produces the accurate test results. We provide you with a report that includes an exhaustive set of issues and recommendations to adequately rectify the detected breaches at the end of the VAPT procedure. We stand ready to work with you to design and implement a comprehensive security strategy for your IT environment and the data stored within it.
To book an appointment with our security expert, email us at email@example.com or call us at 9056952200. You can also visit us at www.connectis.ca and get to know our service portfolio in greater detail.