Cybersecurity Awareness During the COVID-19 Pandemic

Apr 1, 2020

By John Carbo, Director of Information Security at Abacus Group

Throughout the COVID-19 pandemic, there has been an increasing number of cybersecurity-related attacks. Hackers are capitalizing on the increased number of people working remotely. Phishing and social engineering attacks are focused on exploiting COVID-19 related health, financial and job opportunity concerns. In the past two weeks, over 6,000 COVID-19 related URLs have been registered. Many of these URLs are and will be used to distribute phishing emails, ransomware and malicious code.

What can you do?

  • Follow your firm’s cybersecurity and acceptable use policies.
  • Report cybersecurity events or concerns according to your firm’s policy.
  • Set all user passwords to expire every three months minimum.
  • Treat your home setup with the same care as your office setup.
  • If using a personal device for remote access, ensure the operating system and antivirus application are up-to-date.
  • Enable two-factor authentication where possible, and where not possible, use complex and unique passwords.
  • Hold sensitive conversations and conference calls in non-public locations.
  • To counter robocalls and tech support scams, confirm the identity of the person or organization before giving any information. In some cases, it may be necessary to call back on a known, authenticated number.
  • Be wary of email attachments. There has been an increase of resumes and CVs sent to HR with malicious attachments.
  • Think before you click. Cyber criminals are targeting people seeking information on COVID-19. Malware campaigns are impersonating organizations like WHO, CDC, and other sources by asking users to click on links to download outbreak maps. Only go directly to reputable websites.
  • Limit access to devices used for work.

Abacus has been and will continue to monitor these threats, as part of our Defense-in-Depth cybersecurity structure.

What is Abacus doing?

  • Monitoring threat intel feeds and government advisories on the latest vulnerabilities and cybersecurity attacks.
  • Creating IOCs (indicators of comprise) in our Security Information Event Management (SIEM) system to detect, prevent and alert on malicious activity.
  • Automating updates to the threat intel feeds to keep the Abacus SIEM up to date.
  • Confirming the attack “kill chain” and mapping them to our Defense-in-Depth security controls to mitigate the attack.

More information about Abacus’ strategy around the COVID-19 pandemic can be found on our COVID-19 FAQ page.

Background image with financial charts and graphs on media backdrop

Learn more about how your investment firm can benefit from our flexible, scalable & secure IT services.

Contact Us