COVID-19 has had a global impact on countries, organizations and citizens. While each country approaches the situation differently, Belgium has chosen to minimize social contact (social distancing), work from home as much as possible and close all non-critical services. As you can imagine, these measures will undoubtedly have an impact on cyber security.
For many people social distancing is not an easy task. Given that schools and daycares are also closed, juggling one's work and home responsibilities has become somewhat challenging. On top of that, organizations need to be aware of heightened cyber security risks related to remote working due to COVID-19. We currently see four main threats we want organizations to be aware of when it comes to remote working in these difficult times.
Phishing attempts specifically related to COVID-19. We have noticed fake e-mails, claiming to be from the health authorities, luring people to websites that try to infect the visitor’s computer. Since 23 February we have seen an increased number of COVID-19 related websites being registered to facilitate such attacks. Please advise staff to follow COVID-19 related news from official media outlets (e.g. in Belgium through the website of the crisis center: https://www.info-coronavirus.be/ or through your corporate intranet).
CEO fraud exploiting social distancing. CEO fraud takes place through e-mails or phone calls that try to persuade the receiver to transfer corporate money to other bank accounts. Usually, the requestor claims to be the CEO or CFO of a company under extreme time pressure to get an important payment through. Often, these CEO frauds are discovered because receivers of such requests check with their colleagues whether these communications can be trusted. However, with everyone working from home, we expect these checks to become less frequent. Please advise staff with access to corporate bank accounts to keep adhering to the four-eyes principle for money transfers and motivate them to follow the incident management process and escalate irregular communications.
Insecure remote connections to the office. Not all organizations are technically prepared to offer (mass) remote working options and, consequently, IT staff under time pressure might not acquire and offer the most secure solutions. We strongly encourage the use of multi-factor authentication for access to company data and, where possible, the use of secure and solid cloud solutions for collaboration. For collaboration, several companies are temporarily offering their solutions for free (e.g. Microsoft Teams, Google Hangouts Meet, LogMeIn Emergency Remote Work Kit, Cisco Webex etc.).
We've also noticed an increase in the exploitation of several collaboration tools. Organizations should focus on using up-to-date versions and refrain from using obscure tools and services.
Increased personal use of office equipment. When working from home, employees are tempted to use their office equipment (e.g. laptop or smartphone) for personal purposes as well. This may increase the risk of these devices being infected with a virus or malware when visiting less secure (personal interest related) websites. Lately, advertisements on such websites have been especially known to spread malware. We recommend updating office equipment automatically, in line with the advice of the software vendor/provider. We especially recommend updating browsers and related third-party software (e.g. PDF readers, Flash players and Java).