Viruses aren’t the only bad agents threatening businesses in the wake of COVID-19. Cyber criminals are preying on both vulnerable corporate networks, now taxed by a remote workforce on laptops, and healthcare networks working overtime to meet patient needs.
Cyber criminals are studying email correspondences, looking for holes in the way organizations are currently operating. They’re finding new opportunities to target employers now testing new remote protocols and procedures, which in many cases can lead to a fraudulent transfer of funds when the change instructions aren’t verified.
They’re even baiting curious and anxious employees with phony websites impersonating healthcare organizations, and then inserting malware into their business network. It is estimated that there are 2,000 Coronavirus-related sites created every day, most of them malicious. These sites are targeting regions with high infection rates to try to steal information and credentials. SMSishing emails, or fraudulent text messages, have become more and more frequent.
As always, a network’s greatest cyber vulnerability is its own employees. Workers must be trained to be even more vigilant now than when in the office.
- Review current IT policies. Organizations should review their current policies regarding remote access with their remote workforce. Inform employees of the approved technology by your company and the proper ways to use the technology. Implement controls for all transfers of funds, regardless of the size and especially when there has been a change in a process or procedure. Similarly, remind your employees not to share personal or business-related confidential information that they wouldn’t feel comfortable sharing with a family member or close friend.
Internally, consider how to manage layoffs of remote workers should there be terminations during this stay-at-home period. Businesses will need a plan for how to repossess work equipment in this scenario.
- Use strong Wi-Fi and passwords. While most employees are currently sheltering in place at home where Wi-Fi is encrypted, many are still using phones, iPads and other devices remotely to access their business email or intranet while in line at the grocery store. Ask employees to use more robust passwords now - not 123456.
- Secure online meetings. When using Skype, Teams, Zoom or GoTo Meeting, make sure to utilize the most up-to-date security protocols to prevent outsiders from accessing your meetings. Refrain from using your personal meeting ID. Instead, use a per-meeting ID with a password each time and enable the “waiting room” feature to see who is attempting to join before providing them access. Disable the “join before host” option and close the meeting to outsiders once it begins. Visit your video conferencing platform’s website for more information and video tutorials on securing your calls.
- Only visit reliable sites. Teach employees to recognize which websites offer reliable data on the current crisis and ask them to avoid visiting sites on their work devices that aren’t reputable. For COVID-19 crisis updates, instruct them to visit only the PHAC, CDC, WHO and FEMA sites. Only employees should use remote equipment. A child could easily inadvertently open a door to a cyber breach using mom or dad’s work computer. For example, a high school student uses mom’s work computer to download a new application for her now online class.
- Identify a cyber breach response plan. While you likely don’t have the bandwidth to create a full plan right now, it’s important to put together a one-page list of internal and external contacts necessary post-breach. Include contacts for law enforcement, all stakeholders – C-suite and directors and officers - your cyber crime insurance broker, a privacy attorney and a forensic investigator. Timing and communication post-breach will make or break it for an organization. This one-page list will be key to coming out on top.
- Report a cyber-crime immediately. Cyber-crimes aren’t reported to law enforcement at the same rate other crimes are, but they should be. The National Cybercrime Coordination Unit of the RCMP works exclusively on these crimes and can provide increased protection when they are reported.
- Perform all system updates. Security patches should be maintained and updated regularly on both individual laptops and the business’ network. While simple, this will act as a critical baseline firewall for the network.
- Talk to your cyber coverage broker now. Key questions to address with your broker when creating the plan are: Do your policies cover “bring your own” device exposures, third party computer systems that may have interruptions in service, and other potential exposures like social engineering?
Contact a HUB Cyber Security expert for more information on how you can secure your network and transfer your cyber risk during the COVID-19 pandemic.
Get the latest information, guidance and resources on Coronavirus (COVID-19) to help you protect what matters most on our Coronavirus Resource Centre.