Monitoring And Preparing For Emerging Coronavirus-Related Cyber Security Threats
What SMBs Can And Should Do
The coronavirus is not just a global health crisis – increasingly, it is becoming a cyber security threat as well as more organizations move employees to remote work. The federal government issued an alert encouraging organizations to adopt a heightened state of cybersecurity right now, noting that as more organizations are using virtual private networks (VPNs), “more vulnerabilities are being found and targeted by malicious cyber actors.” While this is problematic for any organization, it poses real challenges for small- and mid-sized businesses, many of which don’t have a CISO and are not equipped to deal with the fallout of a cyber security breach.
Phishing emails are on the rise as malicious threat actors are targeting remote workers, using the pandemic to their advantage to steal usernames and passwords. Hackers are upping the ante now, taking advantage of unsecured employee personal devices and increased use of collaboration platforms.
In addition to phishing, security firms report that attackers are using COVID-19 as their way into networks via spoofed website domains. In one instance, a fake government website has been luring users in the UK with the promise of aid or relief.
And while large enterprises may have robust security strategies in place to deal with these attacks, many SMBs and mid-sized companies struggle with the cost of protecting their business online. But they need to remain vigilant, experts say, because a single breach can close their doors for good.
“It's unfortunate that cyber crooks will prey on people during these difficult times, but it's a reality,’’ says IEEE member Carmen Fontana. “Remind your employees to be extra vigilant against phishing attempts.”
If they haven’t already, it’s critical for organizations to develop security awareness programs that educate employees on phishing scams, ways to avoid unintentional downloads of malware, and the company’s security policies to build organic internal security measures, agrees Kevin Lancaster, general manager of security solutions at IT services provider Kaseya.
“The loss for a dentist’s office being down for one hour today is the equivalent of an entire brokerage firm’s loss 10 years ago,’’ Lancaster says. “It’s that dramatic.”
If there is any doubt about the authenticity of an email request, Fontana stresses the importance of advising employees to pick up the phone and call the requestor to verify. “It doesn't cost any money to double-check information requests,” she says, “and it could save you thousands of dollars -- and headaches.”
In addition, executives must make sure their team understands what social engineering is and how cybercriminals may use it to obtain your company's confidential data, Fontana says.
“With social distancing, people are craving personal interaction and may be more susceptible to social engineering malfeasance,” she says.
Utilize external resources, but don’t check out
A new report from Gartner recommends the use of managed services providers or managed security services providers (MSSPs), as another way SMEs can cope. MSPs can provide them “with a high degree of service granularity and access to support and security specialists around the clock. External sourcing alleviates many of the budget and operational headaches crucial to supporting a security program.”
Like their large counterparts, SMEs also need tools for log management, vulnerability assessments, endpoint and network monitoring. A managed service provider gives access to these security controls without the need for an in-house expert, the Gartner report said.
At the same time, remember that utilizing the services of external resources such as a virtual CISO (vCISO) and/or an MSSP does not absolve a business of their security responsibilities or accountability, Gartner advises.
Ways small businesses can improve their security
A small business may not be able to afford to equip all employees with a laptop, Fontana points out. If that is the case, she recommends considering a virtual desktop implementation, also sometimes referred to as desktop as a service (DaaS).
“Virtual desktop tools replicate the desktop experience from any web browser,’’ she says. Critically, this type of setup is more secure than having your company’s data living on the hard drives of your employees’ home computers. “Virtual desktop implementations can be rolled out quickly – often, quicker and cheaper than the procurement and configuration process of new laptops,’’ she says.
There is also no better time to create business continuity plans, which SMEs often lack, according to Fontana. The plan should address questions like:
- What data is critical to your company?
- Where does it live?
- Who has access to it?
“When you have a small workforce, just one or two missing key team members could bring operations to a halt,’’ she notes. “Understand where your risks are and focus on creating redundancy and resiliency across your technology, processes and institutional knowledge.”
That sentiment is echoed by Lancaster, who adds that only about one-third of businesses test their disaster recovery plan regularly. “Backing up servers, backing up locally and offsite, and using an onsite appliance are the three most popular backup strategies,’’ he says.
SMBs should also take advantage of security services offered in the cloud, including security assessment, identity management, multi-factor authentication, single sign-on, business continuity, and compliance, Lancaster says. That can greatly improve an SMB’s defense against a cyberattack, he says.
Additionally, he recommends implementing an automated patching process – this is critical to enabling businesses to keep their systems up to date, because it ensures critical software vulnerabilities are addressed quickly, before an exploit occurs.
If you need yet another reality check, half of all data losses result from human error, Lancaster says, and the rate of data loss isn’t changing. So companies need to hold their employees more accountable than ever to practice proper security measures.
Employees must have an appropriate level of awareness regarding IT security and understand their individual responsibilities when it comes to securing the infrastructure of the organization,’’ he says. “Many cases of security breaches that involve ‘internal actors’ are the result of negligent behavior on the part of employees, not malicious activity.”
Despite your best efforts, there may come a time when your company falls prey to an attack. And when that happens, that’s the time IT professionals can call upon their incident response and business continuity plans that enable a business to mitigate damage after a breach.