Unfortunately during times of crisis businesses are open to new vulnerabilities. This is the case with the SARS-CoV-2 coronavirus pandemic, where there has reportedly been an increase in scams jumping on the coronavirus information bandwagon.
Matt Shelton, Director, Technology Risk and Threat Intelligence, FireEye tells Digital Journal how businesses can better strengthen their environments from coronavirus-themed cyberattacks. According to Shelton: “There are several things that organizations can do to better protect their corporate environment from threats as they adapt to a remote and distributed workforce. The following recommendations focus on the protection of both employee identities and as well as applications.”
READ MORE: First treatment option for COVID-19 developed
He also outlines some of the protective measures that can be taken: “Accessing corporate resources remotely creates an opportunity for attackers to blend in with the workforce. Implementing multi factor authentication (MFA) on all external corporate resources significantly reduces this risk.”
One of the consequences of the coronavirus situation is a rise in remote working. This mode of operation also brings with it risks, as Shelton reports: “Many organizations lose visibility into malicious activity targeting remote workers. Organizations should deploy a multi-layer endpoint agent on all employee endpoints. The endpoint agent should be able to detect, protect, and respond to malicious activity.”
In terms of other preventative measures, Shelton recommends: “Companies should be sure to deploy encryption on employee endpoints so that sensitive data is protected in transit and at rest.”
In addition, Shelton states: “Cloud services are an important resource for remote workers and can contain sensitive corporate data. Ensure that you are receiving logs from your cloud providers and regularly reviewing them for unauthorized access and data exfiltration.”
Also pitching in, Jens Monrad, Head of Mandiant Threat Intelligence, EMEA, FireEye comments: “Since January, we have noticed both cybercriminals and what we believe are state-sponsored espionage campaigns using COVID-19 / coronavirus themed lures in phishing emails.”
Expanding on the risks, Monrad elaborates: “By lures we mean email attachments and links that look like they are genuine, but are in fact malicious. This activity has increased since January as more nations are dealing with infections. Some of the malware campaigns we have observed are responsible for a large volume of spam and phishing emails as well as being used to deliver ransomware.”
Monrad’s advice to businesses runs: “We encourage users to remain vigilant about socially engineered campaigns and disinformation related to the coronavirus. People should use government trusted sources for any information related to the current situation and, in the cases where they receive coronavirus related emails and were not expecting them, they should carefully examine why they are receiving them and consider not engaging with the emails.”
