Stay COVID safe (or what COVID taught us about IT security)

Coronavirus isn’t the only virus causing harm. Hackers have been busy trying to trick us into clicking on their fake websites and getting infected with malware. They’ve had fake donation sites, particularly a fake World Health Organisation fund, fake COVID-19 maps loaded with malware, and even email threats to infect you, or your family, with COVID unless you paid them bitcoins.

There were phishing emails with fake data about pandemic survival or COVID cases near you. Some of these even arrived by text message rather than email.

A lot of organisations were more vulnerable than normal because their people went and worked from home, using home internet connections and home PCs. If those PCs are used by other family members, the risk of being infected with malware increases. If the connection used to access office systems wasn’t a secure SSL or VPN connection, it was more vulnerable (and not all VPNs offer the same levels of security). We remain adamant in recommending use of multi-factor authentication (MFA) for all remote connections.

What should you do?


Keep ALL your active IT systems up to date

We used to focus on keeping critical IT systems up to date, with software patches and the like. Today, that is not enough. Hackers now search your organisation’s systems more vigorously than ever for vulnerabilities. That means that, for example:

  • the old PC that got set up temporarily during lockdown is a point of vulnerability.
  • an old Wi-Fi access point, especially one left with its default password, can be connected to by a hacker and used for access.
  • any home machines that are used to access your business systems are equally vulnerable if not locked down.
  • any old equipment, no matter how trivial, is a potential vector for a bad actor to exploit.

All equipment, no matter how minor, needs to be maintained and kept up to date. That means it needs to be under manufacturer support, the manufacturer updates need to be applied, and you need visibility of this in regular reporting. Regular checks and regular reports make sure this asset management is maintained and your system is kept secure.

The lockdown meant most of us got a deep dive into video meetings, and the two most common tools we all saw were Zoom and Teams. Both of these share similar characteristics, and our tips for video calling security are:

  • Keep your software up to date
  • Use the ‘lobby’ features for external meetings to allow you to curate who is joining your meeting (this avoids ‘zoom bombing’, where your email invitation is shared further than you expect and unknown people might get the link and use it to join your meeting uninvited). Making everyone use video might consume data, but it also gives you a visual verification that the people you expect to be on the call are the only ones there
  • In Zoom, use the password feature
  • If available, use MFA

We recommend having all active IT devices on a proactive support plan such as KARE, and regularly reviewing the list of devices under contract to ensure it stays current.