Cybersecurity Awareness During the COVID-19 Pandemic

Apr 1, 2020

By John Carbo, Director of Information Security at Abacus Group

Throughout the COVID-19 pandemic, there has been an increasing number of cybersecurity-related attacks. Hackers are capitalizing on the increased number of people working remotely. Phishing and social engineering attacks are focused on exploiting COVID-19 related health, financial and job opportunity concerns. In the past two weeks, over 6,000 COVID-19 related URLs have been registered. Many of these URLs are and will be used to distribute phishing emails, ransomware and malicious code.

What can you do?

  • Follow your firm’s cybersecurity and acceptable use policies.
  • Report cybersecurity events or concerns according to your firm’s policy.
  • Set all user passwords to expire every three months minimum.
  • Treat your home setup with the same care as your office setup.
  • If using a personal device for remote access, ensure the operating system and antivirus application are up-to-date.
  • Enable two-factor authentication where possible, and where not possible, use complex and unique passwords.
  • Hold sensitive conversations and conference calls in non-public locations.
  • To counter robocalls and tech support scams, confirm the identity of the person or organization before giving any information. In some cases, it may be necessary to call back on a known, authenticated number.
  • Be wary of email attachments. There has been an increase of resumes and CVs sent to HR with malicious attachments.
  • Think before you click. Cyber criminals are targeting people seeking information on COVID-19. Malware campaigns are impersonating organizations like WHO, CDC, and other sources by asking users to click on links to download outbreak maps. Only go directly to reputable websites.
  • Limit access to devices used for work.

Abacus has been and will continue to monitor these threats, as part of our Defense-in-Depth cybersecurity structure.

What is Abacus doing?

  • Monitoring threat intel feeds and government advisories on the latest vulnerabilities and cybersecurity attacks.
  • Creating IOCs (indicators of comprise) in our Security Information Event Management (SIEM) system to detect, prevent and alert on malicious activity.
  • Automating updates to the threat intel feeds to keep the Abacus SIEM up to date.
  • Confirming the attack “kill chain” and mapping them to our Defense-in-Depth security controls to mitigate the attack.

More information about Abacus’ strategy around the COVID-19 pandemic can be found on our COVID-19 FAQ page.

You May Also Like

These Stories on cybersecurity

Background image with financial charts and graphs on media backdrop

Learn more about how your investment firm can benefit from our flexible, scalable & secure IT services.

Contact Us