In some way or form, whatever is about to happen with Covid-19 in the US is going to become a new normal of digital work. Most of the people I spoke with this week are moving to a virtual work week this coming week and it may last for several weeks. I overheard someone this morning say "this is not a blizzard, this is winter, so let's plan that way".
Cybercriminals have already started leveraging the fear connected with coronavirus pandemic as a tool to spread misinformation, steal passwords, data, and harm critical infrastructure.
Here are a few problem statements that we all need to be aware of and address, quickly:
1. If you are not set up to work from home, you are going to be doing work from and across an untrusted network (I'm putting best practices below)
2. The number of internet domain names that include coronavirus related words has jumped in recent weeks, meaning bad actors are creating fraudulent websites related to the new virus outbreak to trick curious users into giving up sensitive information or downloading viruses by accident
3. EMOTET (and other known attacks) has seen a resurgence in the last 6 months is being sent in spearphishing attacks tied to email campaigns with coronavirus maps
4. State Nations are leveraging coronavirus crisis to launch new encryption and exfiltration campaigns
5. New strains of ransomware are manifesting, pay close attention to strains such as Novel PXJ Ransomware which will not be identified by traditional endpoint and antivirus solutions before your device has been compromised
So what do we do?
1. Start team chats daily to align your team, mindset, and action items for the day. Start the day happy!
2. Check and subscribe to ensure your personal data is not on the dark web. www.securemantis.com
3. Patch your machine, OS, and update applications as needed
4. Look for ways to mitigate and reduce the risks and attack surfaces of your home machine
Finally - As part of the Appguard commitment to improving your security posture we are offering free AppGuard Solo licenses for the next 90 days to protect you from all forms of attacks.