Cybersecurity Impact of COVID-19

Earlier this month, the World Economic Forum put out an article titled “Why cybersecurity matters more than ever during the coronavirus pandemic.” I’m going to summarize this article, share what we see across our customer base, and share some tactics for businesses to reduce risk during what is a chaotic and challenging time.

The key points of the article are:

  1. A heightened dependency on digital infrastructure raises the cost of failure.
  2. Cybercrime exploits fear and uncertainty.
  3. More time online could lead to riskier behaviour.

And the World Economic Forum recommendations are…

  1. Step up your cyber hygiene standards. 
  2. Be extra vigilant on verification. 
  3. Follow official updates.

While the WEForum article is an easy read, it doesn’t offer much actionable insight for technology and business leaders who are working to keep their businesses afloat while navigating drastic changes in remote work policies and supporting infrastructure. We have posted a list of cybersecurity resources specific to the COVID-19 pandemic here: COVID-19 Cybersecurity Resources (continuously updated)

Across our client base, we see issues ranging from capacity issues affecting existing VPN deployments, to overnight roll-outs of new remote access solutions to support a workforce that has not operated remotely before.

In both scenarios, we see businesses making fast decisions that have consequences for cybersecurity. 

When you make configuration or architectural changes to your IT infrastructure, you can introduce security weaknesses that make you vulnerable to attack. Normally, businesses with mature technology risk management programs have procedural and technical controls in place to mitigate risk and ensure that changes are made safely. Unfortunately, most small and medium sized businesses do not have such controls, but are still forced to make these rapid changes. At the enterprise level, decisions can be made to temporarily accept the risk of a change in order to support operational capacity, and these risks are tracked for future assessment and remediation.

When the dust settles from this pandemic – and it will settle – organizations will have shifted permanently. Remote work capacity will become a high-priority business continuity best practice. At the same time, employees will look at it less like a perk and more like a default way to operate. Changes to your policies and IT infrastructure made quickly and under duress cannot be forgotten about when the dust settles. Gaps in work-from-home policy and technical controls that are knowingly or unknowingly introduced today can increase long-term cyber risk if not identified and managed.

If you are deploying new remote access infrastructure, or making changes to an existing deployment, here are some questions you should consider:

  1. Are you able to deploy effective 2-factor authentication controls, or are you forgoing 2FA for immediate convenience?
  2. Is your help desk prepared for common social engineering attacks that pursue employee account takeovers?
  3. Are laptops and mobile devices properly configured to reduce the risk of unauthorized software installs and other types of access common in a work-from-home environment?
  4. Are VPN network ACLs configured in accordance with the principle of least privilege?
  5. Are system administrators and engineers spinning up Shadow IT assets to solve immediate pains at the expense of sound risk management?

If you’d like to learn more about how to review your remote access infrastructure to make sure it’s secure, we can help. If you’d like more tactical advice on how to safely work remotely, check out this post by the Carve team.

The Carve team is 100% operational and here to support our customers and friends during the COVID-19 pandemic. If you or someone you know needs cybersecurity help related to the pandemic, Carve Systems and our partner organizations can help.

Article Link: