COVID-19 and Cybersecurity

people making presentation with colleagues and business

Protect Your Network With 42, Inc.

As the global crisis from the novel coronavirus (COVID-19) continues to impact everyone, organizations are being forced to adapt to rapidly evolving security compliance requirements and threats. Government and private watchdog agencies are seeing an increase in the use of COVID-19-themed attacks by malicious cyberactors. They are using phishing messages, ransomware, and malicious applications, often masquerading as trusted entities that may have been previously compromised. Their goals and targets are consistent with longstanding priorities such as espionage, “hack-and-leak” operations, and financial gain. At the same time, the surge in teleworking has increased the use of potentially vulnerable services, such as virtual private networks (VPNs), amplifying the threat to individuals and organizations.

We have been helping our clients transition to working remotely since the Shelter-in-Place (SIP) order went into effect on March 16th. Some companies are providing equipment and others are allowing the use of personal devices to work and access company resources. Although there has been progress in reducing the spread of COVID-19, the resulting threat to cybersecurity will continue to remain for the foreseeable future. Here, we have outlined basic cybersecurity best practices to help protect your devices and data.

Email Attacks – Phishing

Phishing is a type of social engineering attack used to steal user data, including login credentials and credit card numbers. It occurs when an attacker,
masquerading as a trusted entity, tricks a victim into opening an email, instant message, or text message. As a result, the victim’s personal information (e.g.username and password, online credentials, credit card information, etc.) can become compromised. Phishing emails are also used to spread ransomware. These emails are embedded with links that, if clicked, download software that encrypts your data and prompts you to pay a ransom before it can be recovered.

Your best tools in combating phishing emails are attentiveness and knowledge. Here are some quick tips on how to stay vigilant and avoid scammers when you receive suspicious emails:

• A sender can falsify the From field of an email. Verify that the sender is who they say they are by checking that the address is legitimate.
• Poor spelling and grammar can be a tell-tale sign of a fraudulent e-mail.
• Check links and URL’s before you click or type them. Some malicious websites use addresses that are similar to well-known websites but are ultimately different by one letter or symbol.
• Be cautious about clicking on links embedded in an email, especially if you don’t know the sender.
• Be vigilant when providing personal or company data. Never share personal or company data where it doesn’t seem necessary or appropriate.
• What if you have accidentally revealed a work-related password? Change it immediately and let your IT support team know. Cybercriminals often use
automated tools to immediately try stolen passwords, so the sooner you react, the better are your chances to prevent a breach.
• Use different passwords for different sites. Once cybercriminals have a password, they will usually try it on other websites to see if they can get
lucky.

Hardware & Software

Update your software – Keep operating systems, applications, and software on computers and mobile devices up to date. Set updates to happen automatically. If you are using hardware provided to you by your employer, it is likely that they are already doing this on your behalf. We (42, Inc.) manage hardware for most of our clients using automated tools that keep their software up to date. If you are using your own equipment or are unsure about the configuration, we can help you.

Use anti-malware software – Install and regularly update a well-known anti-malware software solution. Ideally, this should be business-class software and not a consumer product.

Encrypt devices and disks – Encrypt devices and other media that contain sensitive personal information. This includes laptops, tablets, smartphones, removable drives, backup tapes, and cloud storage solutions.

Shared devices – Avoid sharing devices whenever possible and do not use company-issued hardware for personal use. Talk to the other members of your household about appropriate hardware use and use separate software profiles where applicable.

Files and Folders (Data)

Secure your files – Back up important files offline, on an external hard drive, or in the cloud. Make sure you store your paper files securely, too.

Strong passwords – Use strong, unique passwords for all laptops, tablets, and smartphones. A strong password is at least 12 characters that are a mix of numbers, symbols, capital, and lowercase letters. Don’t reuse passwords and never share them. Configure devices to limit the number of unsuccessful log-in attempts to limit password-guessing attacks.

Use multi-factor authentication (MFA) – Use MFA for access to resources that contain sensitive information. MFA requires additional steps beyond logging in with a password and uses a secondary method for authentication. The most common method is sending a temporary code by text to a predesignated phone number. Cyber criminals are taking advantage of the vulnerabilities presented by working remotely by targeting poorly secured remote desktop protocol(RDP) connections to corporate networks. We encourage individuals and organizations to implement MFA where possible. Please contact us if you have any questions or need additional assistance.

Wireless Networks

We recommend securing home and corporate wireless networks by implementing the following simple steps:
• Change the default network name (SSID). If practical, configure the network name (SSID) to be hidden and not broadcast publicly.
• Require passwords for Wi-Fi access and use WPA2 or WPA3 encryption.
• Change the default name and password for the administrator account.
• Set up private and guest networks.
• Turn off remote management so the network can be only modified when connected to the private network.
• Make sure to log out as the administrator once the router is set up.

Cyber Insurance

Cyber insurance policies are used to protect businesses and individual users from Internet-based risks, and more generally from risks related to IT infrastructure and activities. Coverage provided by cyber-insurance policies may include first-party coverage against losses such as data destruction, extortion, theft, hacking, and denial of service attacks.

Most companies are now utilizing cyber insurance policies. It is also available for individuals, and we recommend that all of our clients look into a policy that
fits their needs.