A message from our CEO
As organisations adapt to the current climate, many are working harder than ever to ensure business continuity, maintain productivity and serve customers. During this critical period, it can be easy to lose sight of cyber security and how IT and operational changes can leave data and assets more exposed to cyber-attacks.
To help keep your organisation, employees and customers safe at this crucial time we’ve put together this COVID-19 Resource Centre to share important security-related information. Redscan’s security teams are monitoring the threat landscape closely and will be sharing insights and advice as the situation unfolds.
Keep safe and well.
Mike Fenton
CEO, Redscan
Overview
Guidance to help protect your business during the Coronavirus outbreak and beyond
If, like most businesses, your organisation has been forced to adapt to new ways of working during the COVID-19 pandemic, then cyber security may not have been your key consideration. With new services and solutions being rolled out to support your workforce and customers, exposure to cyber threats can increase massively.
With the impact of the Coronavirus likely to be felt for a considerable period of time, and expected to lead to more permanent changes to the way organisations operate, particularly with regards to the adoption of home working, now is the time for increased vigilance. This includes ensuring that suitable controls are in place to mitigate the latest security risks, such as those in relation to home working.
How to address the security challenges of remote working
Read moreTrends
The latest coronavirus security trends
The Coronavirus pandemic has triggered a significant rise in global threat activity – criminals are using the situation to target people and organisations when they are most vulnerable.
Current COVID-19 security trends include:
- A huge rise in instances of Coronavirus-themed phishing attacks
- Increased distribution of Maze, Emotet, TrickBot and other types of ransomware
- Security and privacy concerns over the use of collaboration tools
- An increase in shadow IT and use of personal devices for remote working
- Targeted attacks on unsecured employee home networks
- A large growth in brute-force attacks launched against exposed RDP services
Recommendations
Key recommendations to protect your organisation against COVID-19 attacks
Looking for a remote working security assessment?
Get a quotePhishing
Spotting coronavirus-related phishing scams
For a long time, attackers have been using topical events as a hook to trick unsuspecting victims. It is therefore of no surprise that criminal actors are using the COVID-19 pandemic as an opportunity to target people and their need to stay safe.
Many of the latest COVID-19 phishing attacks are designed to steal login credentials, install malware and defraud victims. Current scams disseminate bogus health advice and details about government financial aid packages. Here’s how to protect your organisation against COVID-19 phishing scams:
- Conduct regular cyber awareness training and share example attacks
- Examine the sender address and be wary of emails with an urgent tone
- Enforce multi-factor authentication (MFA) across all systems and apps
- Use DMARC and SPF to help identify email spoofing
- Monitor platforms such as Office 365 and G Suite for suspicious activity
- Commission a simulated phishing exercise to assess employees
FAQs
COVID-19 cyber security FAQs
- Why are remote workers a security risk during COVID-19?
-
With many employees forced to work from home, the security protection that they would otherwise benefit from in the office is reduced. As a consequence, endpoint devices such as laptops and workstations are more vulnerable and more frequently targeted by criminals. During the COVID-19 pandemic, employees are also accessing corporate systems and data en masse, often on personal devices and without having received security awareness training.
- What COVID-19 security risks should homeworkers be aware of?
-
Homeworkers should be alert to a wide range of remote working security risks during the COVID-19 pandemic. Users should be particularly aware of coronavirus-themed phishing attacks, designed to trick recipients into disclosing sensitive information and/or installing malware.
Employees also need to exercise caution when using third party applications such as video conferencing software, which could introduce security vulnerabilities and create privacy and compliance issues.
- How should COVID-19 affect cyber security strategies?
-
If many industry analysts are to be believed, mass remote working could become the new norm. As organisations are forced to embrace digital transformation to support new ways of working, security leaders will need to realign strategies to focus less on threat prevention and on-premises solutions, in favour of proactive detection and response and security in the cloud. More organisations may also try to move towards adopting a zero-trust security model.
- Why is cyber security important during the COVID-19 outbreak?
-
Around the world, organisations are downsizing their workforce to streamline costs and improve efficiencies. Organisations that completely cut back on cyber security during this time are likely to face an increased level of risk. Attackers are targeting remote workers and organisations that don’t have suitable controls in place to protect them. A cyber security breach could be hugely damaging, inflicting extensive financial and reputational damage.
- What cyber security support is available during the COVID-19 outbreak?
-
If your organisation is worried about its cyber security during the coronavirus outbreak, organisations such as the NCSC and SANS have published lots of free advice online. Security service providers are also good to turn to. Redscan, for instance, has published a COVID-19 Security Resource Centre to help share information and advice.
- What is Redscan doing to protect customers during COVID-19?
-
Protecting the safety and health of Redscan’s employees, customers and partners remains of utmost priority. To this end, we have initiated a number of business continuity measures that will ensure our security operations remain resilient and operational 24/7. This includes controls to enable our SOC to be managed remotely, without any adverse impact. Our security teams are monitoring the threat landscape closely and actively responding to the latest threat intelligence to better protect our clients.
Our Services
Our award-winning services
Redscan’s security services are designed to provide the vital assistance needed to make tangible improvements to your organisation’s cyber security posture.
Managed Detection and Response
Award-winning support to rapidly detect and respond to the latest threats 24/7
Read more
Assessment Services
Specialist engagements to uncover and address hidden cyber security risks
Read moreManaged Security Services
Expert help to manage and monitor your choice of security technologies
Read moreGet in touch
Complete the form for a prompt response from our team.
Resources