Since our last post relating to Security Vigilance While Working From Home, a joint security advisory was published by the UK's National Cyber Security Centre (NCSC) and US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) shows that cybercriminals and advanced persistent threat (APT) groups are targeting individuals and organizations with a range of ransomware and malware.
Of course, as always, phishing attacks are the biggest threat and according to the bulletin:
"Examples of scams include emails containing malware which appear to have come from the Director-General of the World Health Organization (WHO), and others which claim to offer thermometers and face masks to fight the pandemic."
Aside from phishing, bad actors are also scanning the internet for networks with vulnerable systems. These scans are generally automated and scan millions of systems with little to no effort.
Bryan Ware, CISA Assistant Director for Cybersecurity, said:
“As the COVID-19 outbreak continues to evolve, bad actors are using these difficult times to exploit and take advantage of the public and business. Our partnerships with the NCSC and industry have played a critical role in our ability to track these threats and respond.
“We urge everyone to remain vigilant to these threats, be on the lookout for suspicious emails and look to trusted sources for information and updates regarding COVID-19. We are all in this together and collectively we can help defend against these threats.”
As always, Omni can assist you with assessing and mitigating cyber threats as well as disaster and business continuity planning. Reach out to your Account Manager or reach out to us via our contact form for more information.
Click here to read the entire CISA security bulletin.
With over 23 years in senior business management and technology roles, Jim brings an uncommon perspective and understanding to using technology to solve the challenges of business today as well as assisting clients with technology planning, analysis, project management, compliance, security, and support across their application portfolios.