ICIT Solution Insights offers use case based education on technology products and how they address problems facing our nation’s critical infrastructure sectors. These reports help our community navigate the crowded vendor ecosystem with trusted knowledge from ICIT.
Just because we are in the midst of a global pandemic does not mean we get a reprieve from cyber threats. Reports of COVID-19 related incidents show that many adversaries appear emboldened by the ongoing chaos and aim to compromise sensitive networks and systems while the workforce is adapting to the turmoil. For instance, a malicious coronavirus tracker was found to be spreading malware, the FBI has reported phishing campaigns with COVID-19 themed lures, and the Department of Health and Human Services (HHS) experienced DDoS attempts from multiple sources. Regardless of how long this current pandemic lasts, the age of mass teleworking is here. Adversaries are aware of the challenges that telework has introduced into the security landscape and they are leveraging the dynamics of the ongoing crisis to exploit corporate systems that may not have been adequately secured or prepared for the telework migration.
This report provides detailed nontechnical and technical steps that can improve the security posture of any organization.
Triage and Update Existing Security Policies and Procedures
- Reduce the Risk of Insider Threats
- Secure Wi-Fi Connections
- Establish Clear and Consistent Communication
- Restrict Transmission of Organization Data
- Update Security Policies
- Provide Telework Support
- Educate on the Risk of Phishing Scams
- Secure Physical Workspaces
Plan for the Future
- Implement and Require a Virtual Private Network (VPN)
- Protect Endpoints
- Secure Applications
- Consider Virtualization
- Enforce Multifactor Authentication
- Encrypt Sensitive Data While in Storage, Processing, and Transit
- Monitor User Behavior