Cyber Security Best Practices During Coronavirus Outbreak

Organisations’ online assets are critical to business performance and during these current circumstances, cyber attackers are not losing the opportunity to exploit weaknesses, whether they are technical flaws our cloud misconfiguration, which can prove very costly and damage a company’s reputation.

It is certain that cyber security practices must be strategically implemented if a business does not want to risk losing data, money, company reputation, and customers’ trust. In fact, attacks have grown in number during the current worldwide lockdowns. Attacks have increased over the last couple of months, and phishing scams have been common in recent weeks. Who hasn’t ever received an email asking for payments or calling back telephone numbers?

World Health Organisation (WHO) and UK universities are nowadays at risk. Even after the WannaCry ransomware attack in 2017, the NHS situation is more fragile than ever, and the NHS can be at risk of a major cyberattack while it is facing the outbreak of coronavirus, according to the think tank Chatham House. “Mitigating current potential threats are beyond its ability” stresses Joyce Hakmeh, Senior Research Fellow of this institution, who recognises that the health service is already at a “breaking point”.

Unfortunately, the same thing can happen to any company, especially when many companies have made significant changes to their IT architecture, including increasing their online presence and implementing infrastructure changes to support remote workers during the lockdown.

The roles of IT managers and CISOs (Chief Information Security Officer) have become more critical than ever and, on top of normal responsibilities to maintain business as usual, they must prioritise cyber security measures.

To help them better set up achievable defensive and offensive strategies, at RedSpam we highlight 6 key practices against cybercrimes:

1. Testing out response plans

Ethical hacking is the practice of testing IT systems with the permission of its owner to determine vulnerabilities and weak points on a computer system, network, or web application. It helps companies identify the weaknesses that an attacker could exploit. Penetration can be automated with software applications or performed manually (we partner with AppCheck). It is possible to set up an automated penetration test against your critical IT assets (web applications or infrastructure). CISOs and IT managers must diligently test them out to validate their effectiveness and practicality.

2. Keeping threats at bay

DDoS attack methods approach the goal of disrupting services from different avenues. DDoS attacks often focus on the victim’s network protocols, bandwidth, and/or application layer, and are typically measured in terms of packets per second, bits per second, or requests per second (RPS) depending on the area of focus.

Overwhelming a webserver could also mean taking out ALL your business communications for minutes, hours, days, weeks, and prevent your customers from trading online with you. Only a few businesses can say that they are prepared to face threats because they have DDoS response plans in hand, and the biggest priority is to ensure that operations can carry on as usual. So if you are hit by a DDoS attack during this crisis, we offer one free DDoS mitigation instance, which will keep your business running for 48 hours.

3. Gain perspective of your connection and devices

Working from home also means CISOs will have to understand that not everyone in the workforce can have access to secure networks, VPNs, or the right cyber security solutions.

In today’s dynamic threat landscape, cloud and hybrid solutions will scale and grow at the speed of business and offer real-time protection for the most sophisticated web security threats. The connection of BYOD laptops, mobiles, and other wireless devices to corporate networks and the cloud creates attack paths for security threats. CASB solutions ensure that devices follow a definite level of compliance standards and safety in Cloud Application usage.

4. Gain perspective of your URL

Each type of cloud service and deployment strategies have emerged to help meet the specific needs of different users. Deception technology plants various types of decoys across the environment to tempt attackers to come out of hiding. CISOs and IT managers can discover and classify network assets, including legacy systems and create multiple decoys of databases, domain servers, users, and create breadcrumbs to attack.

With a deception plan, the company can automatically discover and classify network assets, create and activate decoy layer based on the real network, and reduce dwell time with an active post-breach defence. Get in touch with us if you want to know more about this practice.

5. Pooling intelligence to gain a better perspective

As people became more suspicious of any outbound email that could easily identify rudimentary phishing and scam techniques, so do new types of phishing, more sophisticated email phishing, SMS phishing, and domain spoofing. Sometimes phishing not only results in loss of information, but also injects viruses into the victim’s device. And once infected, phishers gain control over devices!

Although easy to execute, the best way to prevent these attacks is by carefully reading senders’ content (SMS, email, misspelt URL, website homepage…) before taking any other actionable option.

At RedSpam we partner with Knowbe4 to provide security awareness and we also offer general security training and awareness for staff. It’s understandable that employees cannot go through each risky process and wait for CISOs’ approvals or feedback, so it’s important to get this done quickly and train the workforce to make smarter decisions.

6. Secure your data and prevent data loss

Remote workforce means that sometimes risky moves such as file downloads from emails and online data sharing can go without any form of protection.

Network data loss prevention (DLP) capabilities are critical to support compliance, protect intellectual property, and augmented security awareness. Network DLP is important for detecting and preventing accidental data loss. Advanced threats, and the move towards microservices and containerised applications, mean that application security solutions must do much more.

New threats are constantly emerging during this outbreak, and your applications’ security should too. Our specialists at RedSpam recommend keeping an eye on collaboration tools and networks so they do not become strains of malware. A good habit will be to make sure they are clear guidelines or protocols so the workforce can take better security decisions.

When it comes to cybersecurity, it can be almost impossible to eliminate the risks, but businesses can work towards minimising the impact. Technology, banking, healthcare, gaming, or e-commerce are the most targeted industries for cyberattacks because they combine a huge number of users and personal details.

Get in touch with our team if you want to try a free Penetration testing, a free DDoS Monitoring and Mitigation Solution, free CASB testing, or find out more information about our existing offers for businesses during the outbreak.

Contact us >>