COVID-19: Cybersecurity during the global pandemic
What we are seeing…
As the effects of the Coronavirus are felt around the world, governments’ and business’ primary focus is the safety of their citizens, employees and customers.
Meanwhile, cyber attackers are impersonating health organisations (e.g. World Health Organization) and other entities in order to exploit the current situation. They are achieving these though malicious email campaigns designed to invoke fear that they hope will trigger action that will provide the opportunity to gain access to systems and sensitive information.
Applying a carefully considered approach will enable organisations to proactively address cyber challenges during these extraordinary times. Below, we offer some cyber considerations for organisations as they align their strategies and workforce to face into the COVID-19 challenge.
With increase remote working, there is increased use of mobile devices and remote access to core business systems. These new working patterns will increase the opportunities for cyber attackers.
This means that taking proactive measures to enable both enhanced user experience and online safety is of paramount importance.
Unprotected devices could lead to the loss of data, privacy breaches, and systems being held at ransom. Organisations should:
- enforce a consistent layer of multi-factor authentication (MFA) or deploy a step-up authentication depending on the severity of access requests.
- ensure identity and access management processes to fully secure third-party identities access networks.
- have a comprehensive view of privileged identities within their IT environments, including a procedure to detect, prevent, or remove orphaned accounts.
Phishing campaigns related to COVID-19 are increasing and well disguised as reputable health organisations. Cyber actors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Attacks like these can propagate quickly and extensively impact an entire enterprise network, cause identity theft and submissions of fraudulent claims for payments and benefit programs.
Tips to avoid being “phished”
- Exercise caution in handling any email with a COVID-19 related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.
- Use trusted sources—such as legitimate, government websites for up-to-date, fact-based information about COVID-19.
- Do not reveal personal or financial information in an email, and do not respond to email solicitations for this information.
In an era of cyber everywhere, with more technological transformation, use of cloud, and broader networking capabilities, the threat landscape continues to evolve, and cyber-criminals are increasingly looking to attack operational systems and backup capabilities simultaneously in highly sophisticated ways that can lead to organisation-wide destructive cyberattacks.
Organisations can improve their defence posture and attack readiness by identifying their “crown jewel assets”, practising good cyber hygiene, reviewing their; incident response strategy, architecture and cyber recovery solutions to mitigate the impact of cyber-attacks.
A viable cyber resiliency program expands the boundaries of traditional risk domains to include new capabilities like employee support services; out-of-band communication and collaboration tools; and a cyber recovery vault.
No matter the event or circumstance, Deloitte helps organisations to strategically prepare for, respond to, recover and transform from high-consequence cyber incidents that could seriously disrupt operations, damage reputation, and destroy shareholder value.
Cyber strategies should converge across business operations, business continuity/technical resilience, and crisis management functions as well as employ unique methods that reveal network exposures, detection of advanced threats and discovering systemic incident response process gaps