zvelo supports traffic from more than 650 million end users. In recent weeks, we have observed changes in traffic patterns — likely due to more employees around the world working remote which results in upticks in traffic to Remote Access, VPN and similar sites and networks. Over the past several months, we have been focusing on these particular types of sites to detect and weed out Remote Access scams and targeted exploits. We are also tuning our threat detection capabilities for the growing number of Coronavirus or COVID-19 related threats and exploits.
We recommend our partners enable the real-time updating capabilities from zvelo for maximum protection against these threats and to remind your users to be hypervigilant and on the lookout for scams in these services. Hackers look for every opportunity to capitalize on the fears of users and the current situation is a perfect storm of fear and opportunity.
To this end, zvelo has prepared the following best security practices and tips for remote workers during this period of uncertainty as we deal with the impact of COVID-19.
COVID-19 Cybersecurity Best Practices for Remote Workers
- Remote workers should do their work on the computer provided by their organization. This ensures there is not spillage of intellectual property onto personal devices. Similarly, remote workers should utilize organization provided cloud-based capabilities whenever possible. If organizations employ enterprise information technology (IT) management practices workers using organization equipment will continue receive the appropriate updates and patches.
- Organizations should direct remote workers to enable multi-factor authentication (MFA) wherever possible. How this is done is organization specific and it could involve a physical token, smart-phone application, or other means. No matter the implementation, there is broad agreement across the cybersecurity industry that MFA prevents the vast majority account compromise attempts.
- If not enabled, organizations should deploy virtual private network (VPN) capabilities for access to on-premises infrastructure. Malicious Cyber Actors (MCA) are watching which organizations are directing their personnel to work remotely and will certainly be probing to find those that allow access without VPNs. Those will be their first targets.
- Even if remote workers do not access organization infrastructure they should be directed to utilize a VPN when conducting business. This incredibly important for remote workers who may have to utilize public WIFI depending on their situation. Public WIFI should never be trusted and conducting business without a VPN increases business risk. The end goal is to make it hard for even a small-time MCA to steal information.
- Finally, remote workers should review guidelines on phishing, watering holes, and related social engineering tactics. There is a growing list of articles regarding MCAs taking advantage of the current COVID-19 situation to deliver malware. Remote workers should expect to see an increase in social engineering attempts via both their work and personal emails, text messages, and phone calls. Increased vigilance is the key here. If the source of an email, text message, or phone call seems suspicious, it probably IS suspicious. Just like in the office, remote workers should continue to report suspected incidents to their security team.
Resources organizations can review include the Center for Internet Security (CIS) Top 20 Controls & Resources (https://www.cisecurity.org/controls/cis-controls-list/) and Australian Signals Directorate (ASD) Essential 8 (https://www.cyber.gov.au/publications/essential-eight-maturity-model).
Special Note for Students and Parents Regarding Remote Access for Online Learning
In many locations, schools, universities, and other educational institutions are moving to online classes. This is an excellent use of modern technology to continue learning in the face of an unprecedented event. Unfortunately, MCAs are aware of this shift and will look to take advantage of unsuspecting students during this time of uncertainty.
For parents of elementary, middle, and high school students, take this opportunity to teach your kids about the dangers lurking on the internet. Start with the basics: don’t ever share passwords, don’t click links or download random files, don’t share address information, don’t share photos, don’t join social media sites without permission, and don’t agree to meet someone you met online. The National Center for Missing and Exploited Children has excellent resources to help parents fill in the gaps: https://www.missingkids.org/NetSmartz.
For college and university students, be vigilant in your online life. Understand what you share online becomes a permanent record for not only future employers, but also MCAs who will use any scrap of information available to attempt to steal your valuable personal data. Follow the same basics as presented for younger students, those have not changed just because you are in college. Educate yourself on scams and hustles specific to your educational institution and surrounding areas. Most important, trust your gut. If something feels strange to you, it most likely is suspect and you should steer clear.
zvelo is committed to providing a safe and secure internet for our partners and their users, now more than ever. Please let us know how we can best support your efforts during this time.