A US economy ushered in 2020 with high hopes for a productive new year. No one foresaw that before the end of the first quarter the world would head into lockdown. Companies that had the ability, moved to work-from-home models. Many businesses slowed and yet Zoom and other technologies and industries surged as demand for video calls, toilet paper, and managed service providers (MSPs) skyrocketed.
In this shifted paradigm, how do we protect and secure our system? How do we navigate what is becoming our new normal? Let's take a quick look at the cyber landscape now and then delve into what we need to do to be prepared.
What is happening?
"Any type of world event is used by bad actors as a distraction" - Greg Johnson, CEO Webcheck Security
In this age of coronavirus Hackers have seen multiple avenues in which to direct their attacks. For example, when Italy began spiking in virus cases, the cybercrime spiked as well. Hackers saw a weakness and didn’t care that we were sick. No, they will go after us especially when we are vulnerable. Warnings from the FBI tell us that health-related domains are being bought or heisted by hackers at an alarming rate. Covid 19-themed emails have become a norm as bad actors tempt you to visit sites claiming to have information, but all they really have is malware. "Zoom bombing" has become a new trend with pornographic content being displayed to embarrass but also as way to gain credentials. Awareness is a critical issue here. As everyone moves online from remote locations, more attack surfaces open up now that the employees aren’t all behind the same managed firewall.
What to do about it
So with these new remote working conditions, how do we ensure a modicum of security? Implementing best practices in regards to cyber security for remote workers, along with frameworks such as CIS 20 should be a priority. Here are four simple things we can do to keep our companies safe:
VPN. Have all employees working from home use a VPN. A VPN, or Virtual Private Network, encrypts the data stream from the private user to the company network. This ensures that your company's data is encrypted in transit. These can be employed easily at a relatively low cost.
Password Policy. Have and enforce an adequate password policy. For example, NIST recommends pass phrases of more than 7 characters.
Phishing Simulations. Regular Phishing exercises or training should be conducted. While the majority of the workforce is now unsupervised at home they should have the basic knowledge of phishing so as to avoid malware and protect the company's data. Remember if it's an email you don't recognize, or aren't expecting, DO NOT CLICK. Should you require training click here for more info.
Vulnerability Scanning. Employ a quarterly vulnerability scan - hackers employ these so why shouldn't you? Vulnerability scans automatically scan over your site to find the "Low hanging fruit"- those vulnerabilities that could easily exploited. Once these vulnerabilities are found you can fix them up before a bad actor can use it against you. Even better to run a penetration test.
Vulnerability Scanning and Penetration testing
The very best way to ensure you are secure is to run a penetration test. Service providers especially need to employ full penetration tests. While a vulnerability scan sweeps over the first layer, penetration tests are a deep dive into every layer. An ethical hacker uses multiple tools to find weaknesses and then delivers a report carefully documenting the findings. A key part of penetration testing services from Webcheck Security is that is can all be done remotely. There is no need to be onsite for pen tests, and when our engineers need to get behind the firewall a box can be shipped to the site and simply plugged in, or a VM downloaded from our AWS build site.
Other remote services we offer include PCI and NIST cyber assessments, cyber maturity assessments, fractional information security officer (FISO) services, cyber consulting, social engineering, and more. For a full list of our services, all of which can be done remotely, please visit our services page.
In conclusion the main focus in these unprecedented times should be to remain aware. As more of our workforce moves online more attack surfaces are created. Employing best practices and penetration testing can keep your company secure as you navigate a new normal.
To learn more visit the corresponding podcast Remote Cybersecurity in Unprecedented times by Blog Talk Radio.