Cybersecurity Rules in the Time of COVID-19


Ngn Банер Блог

Cybersecurity Rules in the Time of COVID-19


On March 17, Government Executive Committee of Bahrain introduced additional precautionary measures to curb the spread of Coronavirus (COVID-19), encouraging remote working when possible, limiting public gatherings to 20 people or fewer, and committing to stay at home as much as possible, going out for necessity only. It was also decided, until further notice, to suspend studying in public and private schools, higher education institutions, and kindergartens.

COVID-19 affects our lives in a radical way. We are learning to transform routine habits and change both work and life style, and we must be much more responsible and self-isolate to lessen the danger threatening the life of people around and our own health. Cybercriminals are also adapting to the situation; they invent new tricks and search for loopholes enabling them to steal your funds and valuable data. However, our awareness can defeat cybercrimes. Therefore, we collected the most urgent cyber threats to let you know how to protect yourself from criminals in this disturbing time of pandemic COVID-19.

Who is at risk?

Group-IB experts forecast a surge of cyberattacks on hardware and unsecured home networks of employees working remotely due to the coronavirus. Employees of telecom operators and IT companies are the first most likely to come under attack, while the finance industry seems to be the most tempting target. Attacks can take place for spying purposes, apart from money theft. A rise in the number of frauds is expected in the tourism industry (refund centers of airlines, hotels, etc.). Moreover, insiders whose salaries are reduced due to switching to remote working may cause harm to their organizations.

So pay particular attention to the tools you are going to use to work remotely, and remember that free fraudulent services are springing up like mushrooms (video conference and online learning platforms, subscriptions to video streaming services, and fake food delivery mobile apps). Selling fakes is just the tip of the fraud iceberg. The DomainTools Security Research team discovered linked sites and apps attempting to steal your personal data. The idea was simple: the website was luring users into downloading an Android application under the guise of a COVID-19 heat map. Analysis of the application showed that the APK contained ransomware. Therefore, be sure to only use trusted services and apps.

Don't forget about your senior family members – a vulnerable target for cybercriminals and fraudsters offering home delivery of goods and selling medication along with COVID-19 tests. According to Check Point experts, "over 16,000 new coronavirus-related domains were registered since the beginning of January." And the situation gets worse: "In the past three weeks alone (since the end of February 2020), we have noticed a huge increase in the number of domains registered – the average number of new domains is almost 10 times more than the average number found in previous weeks. 0.8% of these domains were found to be malicious (93 websites), and another 19% were found to be suspicious (more than 2,200 websites)," they add. There are also many fake online ‘sales’ offering premium goods at unbelievable prices. Again, talk to your seniors and warn them about possible risks.

How to ensure security when working remotely

There is a set of recommendations by cybersecurity experts –follow them to ensure secure and trouble-free remote work. Group-IB, for example, gives the following guidelines:

  • Allow remote access to the organization's network strictly with two-factor authentication.
  • Avoid accessing the corporate network through third-party services that use intermediate servers and take over the responsibility for authorization and authentication issues.
  • Both network segmentation and access right differentiation are required. It is recommended that even remote user activity is covered by the organization's perimeter security tools.
  • If employees use home computers, it is recommended that they use terminal remote access to the corporate network and a virtual desktop with all required security tools installed.
  • If employees use email remotely, ensure that their accounts are protected with two-factor authentication. Moreover, it is required that malware detonation systems are implemented to analyze incoming and outgoing emails.
  • Check all services and devices for remote access for updates of firmware and security patches. Internet-facing open ports of remote-control services are a key target for attacks. Another way to ensure secure work is to access services using only VPNs protected with two-factor authentication.
  • Check the availability and duration of logging remote user actions. Ensure that remote sessions automatically time out after a specified period of inactivity and that they require re-authentication to gain access.

Finally, make sure, your organization has adopted all the listed measures or contribute this idea to your management, thus making security of the business even stronger. The sooner you take security measures and let experts take care of it, the better.