Expert: Hackers using disaster relief info to launch cyberattacks
Pictured: Utgard Shanna. Photo courtesy the American Chamber of Commerce of Trinidad and Tobago (AMCHAM T&T).
Hackers are using the COVID-19 pandemic as an opportunity to exploit weaknesses in organisations’ cybersecurity.
Speaking at a webinar on cybersecurity hosted by the American Chamber of Commerce of Trinidad and Tobago (AMCHAM T&T), Shanna Utgard, Success Manager at Defendify, a cybersecurity platform designed specifically for small businesses, said hackers have been finding new ways to target the digital assets of individuals and businesses alike.
Utgard suggested five tips to assist companies in securing their remote workers during COVID-19:
1) Secure and test remote connections – Hackers frequently exploit out-of-date firewalls and VPN connections. Companies should ensure all devices on their network are up-to-date and “patched” i.e. messages received to update apps or operating systems on phones and other smart devices. The connection tool i.e. VPN or tunnelling tool coming from the employee’s home and back to the corporate network should be secured and using a two-factor authentication in addition to just a password.
2) Run a Cybersecurity assessment – When working from home, companies will need to perform self-assessments to walk through the cybersecurity controls; and identify what has changed with their infrastructure and overall IT posture.
3) Set work from home expectations – Utgard stressed the importance of setting various policies and plans when working from home and suggested the following: i. Companies should have a “Technology and Data Use Policy” that prohibit employees from using their personal devices that are out-of-date from accessing company data. ii. Companies risk insider threat when employees leave sensitive information accessible on their personal devices, and risk of infections from personal devices spreading to the corporate network. iii. Companies should ensure that employees are saving all documents and corporate information to the Corporate Network or a cloud file hosting service and not to their device desktops. iv. Companies should also try to use encrypted file storage solutions and avoid sending attachments through email because most email services do not encrypt attachments.
4) Train your team – Due to distractions at the home, companies should invest in training employees to use new technology at home that they are unfamiliar with to prevent information from being stolen.
5) Revise the Incident Response Plan – Companies should create a culture for employees to know what to do if they suspect an incident and to report issues when they occur. It is recommended that companies provide clearly defined support communication channels and a paper copy of the incident response plan to employees.
Utgard also warned that hackers have tried to infiltrate the networks of users through suspicious registered domains and phishing schemes since the onset of the pandemic.
She said: “There have been more than 40,000 new registered domains that reference coronavirus terms. These attackers are buying up these domains and they're starting them up and making these malicious websites and they're also using these domains to send these phishing attacks. First, it was warnings from the CDC and the World Health Organisation, then it transitioned to new cases that were reported in your area.”
She indicated that hackers are also aiming their sights on information related to social relief assistance programmes as countries start to flatten the curve.
Utgard said: “We're starting to see the attacks transition into disaster relief. So, a lot of the theme of these emails now are related to Grants and Loans, small business relief, paycheck protection, all of those types of attacks.”