Cyber Tips for Managing New Attack Surface in Age of COVID

This column is part of our new series, ‘From the C-Suite’, focused on bringing you perspectives on threats as they see them from leaders in the private sector.

Eric Hipkins is the founder and CEO of R9B, a provider of cybersecurity training, products and services for the U.S. Department of Defense, Fortune 500 companies, financial markets, critical infrastructure and the international community. He is a former Intelligence Analyst and adjunct faculty for the NSA and has worked in direct support to the President of the United States of America and members of Congress.

R9B owes much of its roots to the military and intelligence communities, where mission success is imperative. Overnight, we have seen COVID-19 upend all aspects of cybersecurity operations and introduce new vulnerabilities across the enterprise.

The fact that over 80% of employees have shifted to remote network access due to COVID-19 is not lost on cyber adversaries who eye this period of rapid transformation as an opportunity to exploit an expanded attack surface. They know IT and cybersecurity teams had little to no time to prepare for the dangers this crisis presented and will not hesitate to act if organizations fail to remain vigilant.

Times like these require a renewed commitment to the fundamentals of cybersecurity. It's not just about having the right tools, but also the right knowledge and experience to protect your organization and employees from new tactics and entry points. With that in mind, there are 8 Key Security Threats and Insights to consider with today's expanded remote workforce:

VPN Is Not Absolute Security for Remote Work. Having a "VPN solution in place" does not address the security requirements of operating on untrusted or unknown networks. Tip: Require employees to apply security updates, update anti-malware applications, protect system credentials and be vigilant against COVID-19 social engineering activities.
Spear Phishing. Malicious actors use email campaigns to exploit fear and uncertainty. Tip #1: Train your teams to be extra vigilant regarding suspicious emails about COVID-19 cures, tele-health, medical supplies, or stimulus money and to avoid clicking on suspicious links or attachments — just to name a few! Tip #2: Utilize trusted resources, anti-virus software, and secure DNS servers that automatically drop phishing domains.
Watering Holes are a Threat. Adversaries use fake websites to steal Personally Identifiable Information (PII) or introduce malware. Tip: Proceed with caution and utilize free browser extensions for Adblock software and website security inspection tools.
Credential and Access Management. The WFH paradigm has scaled credential and access management, introducing major security issues and possible unauthorized access to networks.
Telework Security Processes. IT teams must make firewall and Remote Desktop Protocol (RDP) decisions to ensure business continuity, which might weaken network security. Tip: Require passwords that are strong and secure, use Multi-Factor Authentication (MFA) when possible and conduct security assessments against newly configured services.
Database Security. As with Network Hygiene, IT teams may be forced to ensure business continuity by weakening database access control security. This may result in misconfigurations as teams rush to make corporate resources available. Tip: Understand methods of implementing proper security, especially if you are forcing deployment to cloud services, such as AWS, Google, or Azure.
Supply chain vulnerabilities. "Shelter-in-place" mandates have created a massive demand on the supply chain where normal supply lines could be adversely affected. Deviations from typical procedures to maintain productivity and business continuity may unintentionally provide an attacker access to the network. Tip: IT teams must be mindful of potential attack vectors used to modify normal network software or hardware (i.e., firmware modifications to routers, firewalls, computers) with backdoors or malicious capabilities.
Teleconference and other software vulnerabilities. As WFH demands increase, reliance on teleconferencing software has increased and exposed vulnerabilities in some of these tools. Tip: Stay up-to-date on the security posture of the software you are using and avoid making meetings, teleconferencing links, and screen sharing public. Also ensure software is up-to-date.