Cybersecurity in the Age of Coronavirus
By Peter Rothman, Chief Operating Officer, Marcum Technology
With today’s global health and economic situation, working from home is the new normal. Not only are we coping with the stress of maintaining and managing workflow remotely, we are also trying to find new ways to stay connected with our work teams (not to mention our family and friends). Online platforms like Skype, WebEx and in particular Zoom are more prevalent and vital than ever. But with these new opportunities come new threats.
Each of these methods of connecting to others poses increased risks to your cybersecurity than before the pandemic, because bad actors are playing on our fears. Even before this crisis, it was already difficult to determine if the communications we receive are real or a potential cyberattack. Now, as the volume of attacks increases and content is designed to play on our emotions, it becomes even more difficult to know what is real and what is not.
The good news is, awareness goes a long way. It is important to maintain and even increase your communications with employees, including tutorials, webinars, etc. to keep them alert and enhance their skill at recognizing and responding appropriately to threats.
The media for these attacks remain the same – email, instant messaging, texting, phone and mail. So, too, are the types of “phishing” to look out for:
- Spear Phishing – emails purporting to be from a known or trusted sender
- Whaling – aimed at a high profile employee like a CEO
- Clone Phishing – an email containing a legitimate-seeming attachment or link that has had its content and recipient address taken and used to create an almost identical or cloned email containing nefarious content
- Link Manipulation – hiding a scam domain name in seemingly innocuous links such as “unsubscribe”
Using the same social engineering techniques as in the past, this health crisis is giving cybercriminals more content than ever to entice us into clicking on bad links. It is also giving them more platforms with which to reach us.
As organizations continue to require a remote workforce, we will continue to see online communication platforms like Zoom explode in popularity. Cybercriminals are taking advantage of the spike in usage by registering new fake “Zoom” domains and malicious “Zoom” executable files in an attempt to trick people into downloading malware on their devices.
From a security standpoint, a work-from-home workforce is much more risky than a corporate environment. Working from home introduces many more variables and puts compliance with security regulations and standards at risk.
To help companies protect themselves, organizations should increase their communications to employees regarding the latest threats. Cyber awareness training should continue to be required for every employee, at increased training intervals. Informing your employees about these crafty new cyber threats, to the company and to their own families, will help raise the level of awareness and show your teams you care about them.
Now more than ever it is important to think before we click.
If you are concerned that your business is not prepared to defend itself against malicious cyberattacks Marcum Technology can help. Our team of cybersecurity experts has the training and expertise to help your business remain safe through this COVID-19 threat.
Coronavirus Resource Center
Have more questions about the impact of the coronavirus on your business? Visit Marcum’s Coronavirus Resource Center for up-to-date information.