As organisations adapt to the current climate, many are working harder than ever to ensure business continuity, maintain productivity and serve customers. During this critical period, it can be easy to lose sight of cyber security and how IT and operational changes can leave data and assets more exposed to cyber-attacks.
To help keep your organisation, employees and customers safe at this crucial time we’ve put together this COVID-19 Resource Centre to share important security-related information. Redscan’s security teams are monitoring the threat landscape closely and will be sharing insights and advice as the situation unfolds.
Keep safe and well.
How to address the security challenges of remote workingRead more
- A huge rise in instances of Coronavirus themed phishing attacks
- Increased distribution of Maze, Emotet, TrickBot and other types of ransomware
- Security and privacy concerns over the use of collaboration tools
- An increase in shadow IT and use of personal devices for remote working
- Targeted attacks on unsecured employee home networks
- A large growth in brute-force attacks launched against exposed RDP services
Looking for a remote working security assessment?Get a quote
For a long time, attackers have been using topical events as a hook to trick unsuspecting victims. It is therefore of no surprise that criminal actors are using the COVID-19 pandemic as an opportunity to target people and their need to stay safe.
Many of the latest COVID-19 phishing attacks are designed to steal login credentials, install malware and defraud victims. Current scams disseminate bogus health advice and details about government financial aid packages. Here’s how to protect your organisation against COVID-19 phishing scams:
- Conduct regular cyber awareness training and share example attacks
- Examine the sender address and be wary of emails with an urgent tone
- Enforce multi-factor authentication (MFA) across all systems and apps
- Use DMARC and SPF to help identify email spoofing
- Monitor platforms such as Office 365 and G Suite for suspicious activity
- Commission a simulated phishing exercise to assess employees
- Why are remote workers a security risk during COVID-19?
With many employees forced to work from home, the security protection that they would otherwise benefit from in the office is reduced. As a consequence, endpoint devices such as laptops and workstations are more vulnerable and more frequently targeted by criminals. During the COVID-19 pandemic, employees are also accessing corporate systems and data en masse, often on personal devices and without having received security awareness training.
- What COVID-19 security risks should homeworkers be aware of?
Homeworkers should be alert to a wide range of remote working security risks during the COVID-19 pandemic. Users should be particularly aware of coronavirus themed phishing attacks, designed to trick recipients into disclosing sensitive information and/or installing malware.
Employees also need to exercise caution when using third party applications such as video conferencing software, which could introduce security vulnerabilities and create privacy and compliance issues.
- How should COVID-19 affect cyber security strategies?
If many industry analysts are to be believed, mass remote working could become the new norm. As organisations are forced to embrace digital transformation to support new ways of working, security leaders will need to realign strategies to focus less on threat prevention and on-premises solutions, in favour of proactive detection and response and security in the cloud. More organisations may also try to move towards adopting a zero-trust security model.
- Why is cyber security important during the COVID-19 outbreak?
Around the world, organisations are downsizing their workforce to streamline costs and improve efficiencies. Organisations that completely cut back on cyber security during this time are likely to face an increased level of risk. Attackers are targeting remote workers and organisations that don’t have suitable controls in place to protect them. A cyber security breach could be hugely damaging, inflicting extensive financial and reputational damage.
- What cyber security support is available during the COVID-19 outbreak?
If your organisation is worried about its cyber security during the coronavirus outbreak, organisations such as the NCSC and SANS have published lots of free advice online. Security service providers are also good to turn to. Redscan, for instance, has published a COVID-19 Security Resource Centre to help share information and advice.
- What is Redscan doing to protect customers during COVID-19?
Protecting the safety and health of Redscan’s employees, customers and partners remains of utmost priority. To this end, we have initiated a number of business continuity measures that will ensure our security operations remain resilient and operational 24/7. This includes controls to enable our SOC to be managed remotely, without any adverse impact. Our security teams are monitoring the threat landscape closely and actively responding to the latest threat intelligence to better protect our clients.
Managed Detection and Response
Award-winning support to rapidly detect and respond to the latest threats 24/7Read more
Specialist engagements to uncover and address hidden cyber security risksRead more
Managed Security Services
Expert help to manage and monitor your choice of security technologiesRead more
Get in touch
Complete the form for a prompt response from our team.