Protecting your business from cyber crime during Coronavirus

A recent update by the UK’s National Cyber Security Centre (NCSC) and the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) reported no overall increase in cyber crime but more crimes relating to coronavirus, particularly government-branded scams in the UK.

These fall into three main categories:
– Phishing emails or Texts to get you to download a link or give away your details
-Vulnerabilities in networks as people work from home
– Online conferencing

Phishing emails or Texts to get you to download a link or give away your details
These emails or texts often masquerade as trusted entities. It is relatively easy to fake an email for example to appear to come from a legitimate authority such as the UK Government, World Health Organisation or the FD of your company.
Beware anything that asks you to download file or app and be aware that any webpages you click through to may look genuine. Coronavirus updates or trackers in your town / county or promised government rebates or fines have been used as lures to get people to click on links.

NCSC’s top tips for spotting a phishing email:
– Authority:Is the sender claiming to be from someone official (like your bank, doctor, a solicitor, government department)? Criminals often pretend to be important people or organisations to trick you into doing what they want.
– Urgency: Are you told you have a limited time to respond (like in 24 hours or immediately)? Criminals often threaten you with fines or other negative consequences.
– Emotion: Does the message make you panic, fearful, hopeful or curious? Criminals often use threatening language, make false claims of support, or tease you into wanting to find out more.
– Scarcity: Is the message offering something in short supply (like PPE, money or a cure for medical conditions)?

Vulnerabilities in networks as people work from home
Criminals have been seen to exploit vulnerabilities in Citrix, Pulse Secure, Fortinet and Palo Alto as more people work from home.
There is also an increased risk of fraud being committed with emails requesting quick payments of invoices exploiting that people are working from home.

Online conferencing
There has been a reported increase in people hijacking zoom meetings and of phishing emails which appear to come from Microsoft Teams or Zoom.

FBI tips for defending against online meeting hijacking:
-Do not make meetings public. Instead, require a meeting password or use the waiting room feature and control the admittance of guests.
-Do not share a link to meeting on an unrestricted publicly available social media post or on Eventbrite. Provide the link directly to specific people.
-Manage screensharing options. Change screensharing to “Host Only.”
-Ensure users are using the updated version of remote access/meeting applications.

Links to NCSC Guidance

– Phishing and suspicious emails: https://www.ncsc.gov.uk/guidance/suspicious-email-actions and https://www.ncsc.gov.uk/guidance/phishing
– Malware and Ransomeware: https://www.ncsc.gov.uk/guidance/mitigating-malware-and-ransomware-attacks
– Home working: https://www.ncsc.gov.uk/guidance/home-working

This update is based on the UK’s National Cyber Security Centre (NCSC) and the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) provided an update on 8 April 2020 of cyber crime exploiting the coronavirus pandemic. Read the full report here.