Monthly Archives

April 2020

COVID-19 threat landscape

Managing the Increased COVID-19 Threat Landscape

By | threat detection | No Comments

The threat landscape of COVID-19 is perilous. thinkCSC put together these guidelines for clients and shared the information directly with them via email, but any organization will benefit from these resources and guidelines.

COVID-19 Specific Security Recommendations

This information from the FTC should be shared with your remote workforce to ensure the security of your network as well as theirs.

CISA also has several recommendations worth sharing:

Phishing Scams Abound

We expect an increased phishing threat used mostly to steal personally identifiable information. Here is some additional information on avoiding various phishing threats.

CISA offers several guidelines to increase awareness for social engineering and phishing attacks. You can also download the thinkCSC email security guide (PDF). Read and share our resources on email security and phishing.

Is Zoom Secure?

Zoom continues to be a threat to your infrastructures and data. As securing a product is a lengthy endeavor, thinkCSC would suggest switching to a more mature product with greater security built in. If that’s not possible, here are some tips to help make meetings more secure. Also, make sure to always update your Zoom product when asked.

  • Don’t publicly share your Zoom “Meeting ID.” Send it directly to the people you want on the call.
  • Set a password for the meeting, then share that only with the right people.
  • Make sure “screen sharing” is set to “Host Only.” That prevents other people on the call from abruptly blasting text or images onto the other participants’ screen — a favored tactic of “Zoombombing” trolls.
  • Use the “waiting room” feature. It prevents new participants from joining the call until the host approves.

General Security Posture

While phishing and similar attacks will be on the rise, overall systems security will also be tested with the increased COVID-19 threat landscape. Provided are links with additional information and as always you can contact your thinkCSC team for details.

CISA

  • Update VPNs, network infrastructure devices, and devices being used to remote into work environments with the latest software patches and security configurations.
  • Alert employees to an expected increase in phishing attempts.
  • Ensure IT security personnel are prepared to ramp up the following remote access cybersecurity tasks: log review, attack detection, and incident response and recovery.
  • Implement MFA (multiple forms of authentication in addition to username and password) on all VPN connections to increase security.

NSA (PDF)

  • Update and Upgrade Software
  • Defend Privileges and Accounts
  • Enforce Signed Software Execution Policies
  • Exercise a System Recovery Plan
  • Actively Manage Systems and Configurations
  • Continuously Hunt for Network Intrusions
  • Leverage Modern Hardware Security Features
  • Segment Networks and Deploy Application-Aware Defenses
  • Integrate Threat Reputation Services
  • Transition to Multi-Factor Authentication

Be sure to review thinkCSC’s information on teleworking safely and our latest security alert.

thinkCSC is ready to help ensure the continuity of your business. While we may have entered uncharted territory with regard to this pandemic and the increased COVID-19 threat landscape, thinkCSC continues to be at your service. Please get in touch if you need support for your remote workforce. If you have questions or concerns regarding your organization’s security, get in touch.