Cyber Security - Amid COVID19 OutBreak

The COVID19, or known as novel coronavirus started in China in December 2019, and quickly spread out to neighboring countries and subsequently to rest of the world within a short span of time, it is one of the fastest spread Pandemic in the last many decades and has brought many challenges across the globe.

This has affected far more countries than the ones involved in World-War 2.

It is for sure a big concern for governments and people across the globe but I am going to shed some light on the other side-effects of this pandemic in this article from Information Technology & Cyber Security perspective.

The best remedy so far medical science could have found is to stay home or stay isolated and try not to get infected because you might be a carrier of the virus without falling ill while spreading it to others. And, this idea of social distancing or isolation has engendered the need to shut down workplaces, shopping complexes, public offices, etc., thus organizations are forced to only allow the business-critical services and people to continue working from their offices with precautions and special arrangements. Whereas, a vast majority of employees are asked to Work From Home (WFH).

On one hand, this idea of WFH has brought opportunities for many Tech-Giant companies to boost their products to connect people from home, allow employees to exploit communication platforms, collaborate & conduct meetings digitally which eventually will generate more revenue for these Tech companies. But, at the same time, it has brought challenges for other organizations (especially non-tech businesses oriented); as now they have jumped on this wagon to make the working environment conducive for their employees who are now sitting out of their traditionally built network (offices). For example, geographically distributed & highly customer-oriented companies- be it Supply-Chain, FMCG, Telecom or Energy or any other industry; they have to ensure that the Operations part should remain functional while people are WFH and they have full access to the systems as they used to have back in the office.

This sudden change & adaptation of WFH, some organizations are forced to make changes to their secure network and thus they are looking out for a quick solution to ease the restrictions on firewalls, use new communication platforms, etc. for enabling employees to WFH. But acting fast and overlooking the details is not an option. Such quick actions could introduce holes in the secure network which tamps down the fervor of freedom or need to WFH and could cost the organizations even more (just like opening Pandora’s box of cybercrime). So, don’t rush!

Beware of Cyber Crime

Challenges:

  1. Data Security: Not all companies can afford to build or provide a secured network for all of their employees, which means people who are working on their PCs without VPN may initiate unsecured data transmission or share files among their colleagues by using non-standard tool or applications or using personal emails etc.
  2. Technical Challenges: Some of the applications are designed in a way that only work with specific or static IP address ranges, and this would for sure bring challenges for people who have been working on Physical Desktop or workstations placed in their offices. Sometimes, providing access to networks outside the office is difficult for such companies that are working with Operations Technology or mission-critical systems or control centers and this limits the way employees can be productive from their homes.
  3. System or Application Access: Some of the applications are hosted in local data centers, which means they can only be accessed by LAN or WAN who are used by limited people in the organization at specific locations. Often a small workplace or company would only like to protect their systems from outside threats but allow their employees to have full access to the systems internally from the ease in Access Management point of view. This is not necessary that such organizations have a VPN setup to allow their employees to WFH in the same manner as their workplaces. This may require the IT Security teams to make changes to their application access management or network, so that employees may connect from home or use their personal devices.
  4. An intentional downgrade of security: In such a crisis, to ensure business continuity, a very secure organization might lower down their security in the beginning while their security experts find a long term solution, like removing their MFA (multi-factor authentication) from various logins.
  5. Data loss or integrity issues: Some poorly designed applications built considering concurrency part to deal with transactional data or synchronous updates or distributed locks etc. which could result in data integrity issues or loss of data. This also depends on both human factors like training and reinforcement, as well as processes and tools used to conduct daily work. Suppose, your customer service is WFH over a weak or unstable network and if your application is designed without transaction handling concepts then there is a chance that your database would be updated with partial or redundant information or may completely not be updated. (there could be many other factors of course)
  6. Increase in Phishing mails and calls: The most common security threat is the Phishing emails or calls. This has been a very common method for hackers to loot people’s bank accounts or hack into their PC by just agitating the person over calls or alluring them to get an offer. Certainly, there has been an increase in such phishing activities in the last few days. (Referring to the various online news channels/agencies)
  7. Increase in CyberAttacks (e.g. DDoS): Recent news revealed that there have been many attempts on public or scientific organizations to disrupt the services, steal information on COVID19 or simply to spread false information across the globe be it the USA or Europe. The pharmaceutical companies have also come to the cyber attacker’s radar as there is a race on going to produce the vaccine or medication to fight with coronavirus.
  8. The spread of Malware over insecure websites: With my recent pragmatic experience, I could say some small startups which were growing in the home delivery or online shopping markets, they are gone online with either incomplete apps or not well-designed from the security point of view, but given the circumstances and opportunity, they have gained sudden and unexpected attention from the public. Since, people are stuck with unforeseen lockdowns often far from their relatives or family, which requires them to order necessary food or daily items as fast as possible. In that heat of booking one may sometimes overlook whether the online payment transaction is through a secured channel or over the trusted connection or not and one might end up filling all their credit card information to a fake or an unsecured website. Duh!

What can be done?

First and foremost, develop this Mindset across the organization: Remember one thing, in the continuously developing Technology market and given the current crisis, one cannot protect their network or systems from cyber attacks but how quickly they detect, react to those attacks and fill the security holes is the KEY.

Some little steps, preparation, and reinforcement of best practices could play a key role in keeping the organization protected.

  • Enhance the network capacity, and adopt a secure VPN or boost the existing subscriptions to provide a secure connection between the employee’s home to your organization’s network and strengthen your network security layer subsequently (Inspect & Adapt).
  • Send regular reminders to the employees who are working remotely to avoid any fake-lucrative offers or informative emails (phishing emails) or not to engage with unknown people over suspicious calls that are made to steal their credentials or confidential information.
  • Human intelligence and common sense are key here, for certain people and job roles which are customer-facing or dealing with people outside your organization as they might end up passing some crucial information e.g. the organization is going short on VPN licenses so they might start using some non-standard tools to run their operations, such information could come handy for hackers to penetrate your network and systems.
  • Ask employees to avoid the utilization of open Wi-fi networks or their personal devices; instead, ask them to use company devices and secure internet connection as much as possible despite it might have some network connectivity or VPN issues to access the company’s portals or applications from time to time. If the nature of your job requires you to stay online with your emails and other communication platforms then you can avoid exploiting the VPN bandwidth and save it for the people in the organization who really need access to the systems & application.
  • Conduct penetration tests if possible over your network, firewalls & applications. The boom in Public Cloud-based applications and resources brought many benefits but at the same time if you ignore the security suggestions, like do not perform regularly advised patching on your VMs (Virtual Machines)then your resources could be prone to cyber-attacks. For example, Azure Security Center utilizes machine learning and advanced analytics to help you identify and detect security threats before they can compromise your environment but taking action on those lies with you.
  • Continuous monitoring and alerts for any cyber threat are key, early detection could save your organization from a bigger loss be it financial or technical or operational or customer data, etc. Validation of remote connections being made to your core systems or network is crucial too, the security around these can be implemented by web gateways, Proxies, firewalls or IDS (intrusion detection systems) etc.
  • Setup temporary Security Incident Management Teams, this could be done by putting people from your security teams and incident management together to monitor, detect any cyber threat and lead to its root cause and filling that hole quickly.

Time will tell, how many such cybercrime cases or attempts breakout during this pandemic outbreak and how the organizations & businesses were affected or how did they tackle those attacks.

Stay home, isolate yourself if you are exposed to the virus, and most importantly follow the “instructions from your local government and health authorities” to help the world in fighting with COVID19.

Read more or track #Covid19 here:

https://coronavirus.medium.com/

https://www.worldometers.info/coronavirus/

https://www.who.int/health-topics/coronavirus#tab=tab_2

Embracing the gift of nature -"Human Life", passionate about Technology and Servant Leadership, believes in People and vision is Green Tomorrow!!