Bad people taking advantage of dark times

by Joseph Socolof
Contributing Editor

Unfortunately, we live in a world where bad actors take advantage of any and all opportunities they can find. Even worse, it is often those who are most vulnerable that are taken advantage of. In daily life, we see it with the elderly, and we see it with young children. Today, in the world of the coronavirus, the pool of vulnerable people is growing exponentially. “Phishers know all too well that during uncertain times…people become desperate for information and reassurance.” 

It is not just those who have coronavirus who are targets, but those who live in the communities where coronavirus is prevalent – think Washington, California, and New York. Really, the fear goes beyond these handful of communities to almost everywhere in America – everyone has been impacted in some way and therefore, is likely to be more at risk. Simply put, people are afraid, and this makes them vulnerable.

For businesses, this should be concerning. Organizations, both public and private, are having their employees work from home. With new ways of working come new vulnerabilities. Organizations, in many cases, have not taken the necessary steps to protect data in an environment where employees are working remotely. Bad actors will use tactics like offering early access to coronavirus tests, false claims about cures, or simply fake sites that profess to provide information on coronavirus and what people should be doing. In most cases, these tactics are to get people to click a malicious link. From there, the damage is often already done. If individuals are using their work computers when they click the links, this can provide access into a firm’s network.

While there is no panacea or simple solution, there are a handful of pragmatic steps that organizations can, and should, take to protect themselves and their employees: i) revised policies and a robust communication plan, ii) updated controls and authentication, and iii) constant vigilance, to name a few.

Policies and Communication –As is always the case, an organization’s best line of defense is a well-educated workforce. Organizations need a robust communication plan, reminding employees of some of the basic good hygiene habits they should employ: watching out for emails from unknown senders, not clicking links, being aware of ‘special offers’. Best practice is to NEVER click links that you have not verified. If it means you must make a phone call, then make the phone call.

Controls and Authentication –Employees should make sure that the home networks are secure, and passwords have been updated / changed from their defaults. As a simple rule, work files should always be kept on the company’s secure cloud storage. Also, make sure computers that are being used to access work files are patched and updated and have end-point detection. All access to the work network should be conducted through secure means – a good solution being a VPN. Ideally, robust authentication tools will be in place – e.g. multi-factor for accessing work files.

Constant vigilance –Organizations need to have systems in place to detect unusual activity. Where possible, organizations are leveraging machine learning and AI to track user behaviors and look for anomalies. Even without machine learning, there are algorithms which will track unusual behaviors. Organizations need to be able to quickly analyze data and identify traffic that seems atypical.

The biggest thing we are finding is a need for organizations to operate differently. The standard method of building a roadmap to achieve some maturity level no longer works. Organizations need to be agile, focus on risk, and quickly put in place the systems and controls to protect themselves in a rapidly evolving environment. For us, the standard is the establishment of the most basic of war rooms. These allow organizations to quickly pull together the right capabilities and focus on the immediate tasks at hand.

We are happy to help.