Tuesday, 17 March 2020

Cyber Hygiene During COVID-19 Planning

Cyber Hygiene During COVID-19 Planning

May I take this opportunity to inform you that during these troubled times we are here to help you maintain the highest Cyber-Security Resilience against pernicious multiple attacks from opportunist and professional Criminal Hackers whilst ensuring your Policies, Processes and Procedures are absolutely fit for purpose.

During this unprecedented pandemic, organisations are facing many challenges with the risks of COVID-19 disrupting business as usual activities, increasing pressure on more remote working, and the extra time needed in implementing Business Continuity Planning. All while still wondering how this situation will affect your overall business now and moving forward.
It is important that executing Business Continuity Plans are at their most effective. In the last 3 weeks, we have seen a massive increase in COVID 19 cyber-attacks. How well are you prepared to defend these successfully? Attackers will always leverage a crisis to deliver phishing attacks, ransomware, denial of service and attempt to gain unauthorised access. As the Chinese word for Crisis means danger and opportunity respectively, wherever there is danger there are those that will seek to benefit.

There are things that you can do now to ensure that whilst you are executing your business continuity planning so that security considerations are also being made:

  • Educate users on the risks of the numerous COVID-19 phishing attacks. Don’t click on any links or open attachments that report to be from WHO ( The World Health Organisation), HMRC, of your Government without first verifying this is from them. Better still, only trust information from verified sources such as news outlets or government information pages.
  • Check VPN’s have no known vulnerabilities and ensure these have been security tested to ensure an attacker cannot bypass the controls and gain unauthorised access.
  • Ensure that MFA (Multi-Factor Authentication), has been enabled for all remote users, to reduce the likelihood of credentials phishing/stuffing.
  • RDP (remote desktop protocol) should not be exposed to the Internet, but if in these circumstances it is, ensure those services are fully patched and that MFA is enabled, and enhanced monitoring and controls should be enabled.
  • Messaging should be provided to all users about reporting incidents and the urgency of doing this. Information should include who and how to report these, including what information to share.
  • Incident response plans should be tested against a remote situation, especially if attacks like ransomware and denial of service are executed against an organisation.
  • Penetration testing should be conducted as well as any other critical information security exercises to ensure any open doors or vulnerabilities are addressed. Ideally internal network testing should be conducted via a VPN to test what an attacker could do if they were able to gain access through the VPN.
ZeroDayLab is here to help. We understand that during this time where everyone is focusing on Availability, we are also ensuring we help you protect the Confidentiality and Integrity of your critical informational assets.
The dedicated and loyal team at ZeroDayLab are at the front line of defence and want to ensure you, we are agile and experienced in Incident Management. We want to provide all our loyal clients with the very best technical and commercial support you need to protect your employees, suppliers, clients and overall business with focussed initiatives where you need them most.

No comments:

Post a comment