By John Carbo, Director of Information Security at Abacus Group
Throughout the COVID-19 pandemic, there has been an increasing number of cybersecurity-related attacks. Hackers are capitalizing on the increased number of people working remotely. Phishing and social engineering attacks are focused on exploiting COVID-19 related health, financial and job opportunity concerns. In the past two weeks, over 6,000 COVID-19 related URLs have been registered. Many of these URLs are and will be used to distribute phishing emails, ransomware and malicious code.
What can you do?
- Follow your firm’s cybersecurity and acceptable use policies.
- Report cybersecurity events or concerns according to your firm’s policy.
- Set all user passwords to expire every three months minimum.
- Treat your home setup with the same care as your office setup.
- If using a personal device for remote access, ensure the operating system and antivirus application are up-to-date.
- Enable two-factor authentication where possible, and where not possible, use complex and unique passwords.
- Hold sensitive conversations and conference calls in non-public locations.
- To counter robocalls and tech support scams, confirm the identity of the person or organization before giving any information. In some cases, it may be necessary to call back on a known, authenticated number.
- Be wary of email attachments. There has been an increase of resumes and CVs sent to HR with malicious attachments.
- Think before you click. Cyber criminals are targeting people seeking information on COVID-19. Malware campaigns are impersonating organizations like WHO, CDC, and other sources by asking users to click on links to download outbreak maps. Only go directly to reputable websites.
- Limit access to devices used for work.
Abacus has been and will continue to monitor these threats, as part of our Defense-in-Depth cybersecurity structure.
What is Abacus doing?
- Monitoring threat intel feeds and government advisories on the latest vulnerabilities and cybersecurity attacks.
- Creating IOCs (indicators of comprise) in our Security Information Event Management (SIEM) system to detect, prevent and alert on malicious activity.
- Automating updates to the threat intel feeds to keep the Abacus SIEM up to date.
- Confirming the attack “kill chain” and mapping them to our Defense-in-Depth security controls to mitigate the attack.
More information about Abacus’ strategy around the COVID-19 pandemic can be found on our COVID-19 FAQ page.