As COVID-19 develops around the world rapidly, we all know we are in the middle of an unprecedented set of circumstances in modern times. What is less clear is almost everything else. In combat this is called the “fog of war” and it hides many things. One of those things that people may not be thinking about now is Cybersecurity. It is more important than ever to NOT let your guard down now. COVID-19 themed hacker tactics and techniques are being used widely.
We’d all like to think that during a global crisis like this threat actors are taking a break and worrying about their own skins but the truth is they are not. In fact, they are directly exploiting this crisis as I write this. There are factors making this a bonanza for them and our own very poor Cyber Behaviors present a very real danger.
- There is a much higher level of social anxiety and we are all distracted. When we get this way we all are prone to making more mistakes; we click on links and open attachments we should not
- Phishing schemes that feature “vital new information” about COVID-19 are more likely to be clicked on or opened.
- As more of us are working from home than at any other time in the history of the internet-connected age, there are just so many more attack surfaces and frequency of opportunities of compromise.
So what do we do?
Company owners and managers need to think through policy, remote access systems, training for remote works, etc. but we as individuals can take some immediate steps right now. For certain address, your technical solutions like keeping operating systems, apps and security products (Anti Malware, Anti-Virus, OS Security, VPN) updated and running. Seek advice if you don’t know what to do. However, the most critical step that every single one of us can take right now is practice hypervigilance:
- Do not open attachments that you cannot verify as safe and legitimate. (Think a PDF is inherently safe? Think again)
- Do not click on links that you cannot verify as safe and legitimate.
- Do not give personal information to anyone that you cannot verify.
- Do NOT transfer money to anyone on a single person’s “say so.”
See the theme here? VERIFY VERIFY VERIFY.
Keep your loved ones close and your friends 6 feet away!
PS Of course, don’t just take my word for it. I will keep adding to a growing list of credible COVID-19 Cybersecurity related articles on my blog that will give you more than enough reference reading for this timely threat. Read Derek Harp’s article on LinkedIn related to cybersecurity and COVID-19 HERE!