COVID-19 pandemic has changed the demographics of the world. There is a lot of fear in the air and organized crime groups are exploiting fear and uncertainty by targeting and attacking organizations and EHR Software vendors.
What are these threats and attacks?
It is important to stay a step ahead of these threats to ensure privacy and personal security. The attacks can be in the form of malware and phishing emails related to COVID-19 and daily spam messages related to the pandemic. The scammers try to use fear and financial gains to push users to respond promptly. Cyber threat teams are seeking to exploit weaknesses that may exist in your IT infrastructure. IT infrastructures are already under stress due to IT transformations with a shift to a virtual working environment due to COVID-19.
What can be done?
Here are some recommendations and responses that should reduce the risk of cybersecurity threats. These steps will help protect your organization from scammers lurking in the darkness of the pandemic.
- It is crucial that you communicate and update policies for remote employees and address the use of home computers and laptops.
- Raise awareness amongst your team members regarding the risk of COVID-19 themed phishing attacks.
- It goes without saying that you ensure the use of strong passwords for remote access accounts, especially for Office 365.
- You need to provide your remote working team with solutions to make sure they remain secure from the phishing.
- The laptops handed to the remote team members should be up to date with anti-virus and firewall software. These software upgrades will help to maintain security against cyber-attacks.
- There should be a 24/7 helpline or online chat facility where staff members can report any potential phishing concerns so quick action can be taken by the IT team.
- Data encryption is crucial against the risk of theft.
- Update and revive cyber incident response and disaster recovery plans for the existing operational needs. The company needs to be proactive against the scammers.
- Allow for multi-factor authentication for VPN and other critical information systems.
- Review and update VPN profiles and firewall rules.
- Enforcing software updates to remote staff members.
- Staff members should be advised to avoid the use of USB sticks and other removable storage.
- The use of screen locks when the laptop is not in use.
Resources:
The detailed guide above will help practices to securely manage their operations in a challenging time like this. The bottom line is we can’t go lax with the potential COVID-19 related cybersecurity threats. Changes made in response to the pandemic are crucial to building a secure and protected infrastructure where important and confidential data is safe.
Akhilesh Tuteja, D. (2020). Identifying & responding to COVID-19 themed cyber threats. Retrieved 21 May 2020, from https://home.kpmg/xx/en/home/insights/2020/03/covid-19-staying-cyber-secure.html
COVID-19: Cybersecurity Checklist for Remote Working. (2020). Retrieved 21 May 2020, from https://www.marsh.com/zw/insights/risk-in-context/covid-19-cybersecurity-checklist-remote-working.html
COVID-19: How to avoid cyber attacks when working from home. (2020). Retrieved 21 May 2020, from https://www.weforum.org/agenda/2020/03/covid-19-cyberattacks-working-from-home/
Helping you avoid COVID-19 online security risks. (2020). Retrieved 21 May 2020, from https://www.blog.google/technology/safety-security/helping-you-avoid-covid-19-security-risks/
How to Avoid COVID-19 Scammers & Security Threats. (2020). Retrieved 21 May 2020, from https://www.business.att.com/learn/tech-advice/tips-for-avoiding-covid-19-related-scams.html
