While challenging and uncertain times can pull people together, cyber criminals will use these times to harm others so they can profit. To wit, Anomali, a company that helps companies prevent cyber threats, released a study recently that says at least 15 COVID-19-related campaigns associated with 11 threat actors with 39 malware families are out there now – which means it’s no time to slouch on your cyber security strategies.
The Cybersecurity and Infrastructure Security Agency (CISA) is also looking into the COVID-19-related threats with a little help from a similar agency in the United Kingdom.
“These cyber threat actors will often masquerade as trusted entities,” CISA’s summary of attacks reports. “Their activity includes using coronavirus-themed phishing messages or malicious applications, often masquerading as trusted entities that may have been previously compromised. Their goals and targets are consistent with long-standing priorities such as espionage and ‘hack-and-leak’ operations.”
According to CISA, the bad actors are typified by the following tactics:
- Attack newly and rapidly deployed remote access and teleworking infrastructure
- Use phishing with COVID-19 subject lines as a lure
- Register new domain names that have words related to the coronavirus
- Distribute malware, using coronavirus and COVID-19 themes
Protecting Against Threats
Fortunately, you can do more than sit around and hope you don’t become a target. One of the first places to look for protection is at your endpoints. Utilizing Microsoft Defender ATP, which you will have access to with the Windows 10 E5 license, will help you protect your endpoints, as will other approved endpoint protection tools.
If you haven’t brought multi-factor authentication (MFA) protections in to help you stay safe while using email or accessing the company online exchange, now is the time to do it. MFA requires very little for you to do on your part, and it’s highly effective in blocking cyber criminals.
Improve Email Protections
Company emails are often the doorway through which cyber criminals waltz through. For this reason, it’s smart to filter your email and establish hygiene rules on which every person with access to the network should be held accountable. As many companies are utilizing Microsoft Office products, consider ATP (advanced threat protection) service, which is cloud based and will help you filter emails with “zero-day” protection.
At Clarksys, we know that it can become easy to feel overwhelmed about securing your IT, which is why we want to assist you with risk analysis, data protection and compliance, endpoint security, managed firewall, and security as a service solutions. Contact us and let’s discuss your approach to security and how we can be the agent that puts you in touch with the right protections.