Network administrators should take steps to address threats by following key security guidelines
Emergencies tend to bring out the best in people. Since the U.S. announced the need for social distancing, I have seen people go above and beyond to support others affected by this current crisis. From large-scale corporate donations, to distribution of computing power to aid in cure research, to help for at-risk neighbors by running errands, people have stepped up. While times like this remind us that we are all in this together and draw us closer as a community, unfortunately, bad actors can be found in the shadows, waiting to take advantage of uncertainty, confusion, and lapses in security best practices.
As more companies institute remote working, a rise in malware and phishing attempts seeks to capitalize on new remote workers' lack of experience. Various threat researchers across the globe have identified increased threats targeted at the countries hardest hit by COVID-19.
Check Point Software Technologies Ltd found in a study that COVID-19-themed domain registrations are 50 percent more likely to be from bad actors. High-profile examples include an attack aimed at a COVID-19 tracking map maintained by Johns Hopkins University.
Zscaler’s ThreatLabZ identified multiple threats attempting to take advantage of the current crisis. These include new attacks using the common attack vector of documents with embedded macros, new Android apps with embedded trojans, and Android ransomware. All of these are old threats given a new coat of paint courtesy of the current crisis.
The U.S. Computer Emergency Readiness Team and Federal Trade Commission recently issued new warnings of scams tricking people into revealing sensitive information or donating to fraudulent charities or causes related to the coronavirus.
Just as the CDC has recommended that people “Do the Five” to help stop the spread of the coronavirus, Cradlepoint recommends that network administrators follow these work-from-home security tips and best practices:
- Educate new users. From changing default passwords to recognizing phishing, educating a company’s staff early and often is one of the most effective ways to mitigate cyber security risks.
- Use multi-factor authentication. With multi-factor authentication, even attackers armed with stolen usernames and passwords wouldn’t have enough information to log in. Layered network security practices such as multi-factor authentication mitigate the risk of data breaches.
- Implement IPS/IDS (intrusion prevention and detection systems). Threat management is important for any IT team, and especially for those handling sensitive information and Point-of-Sale (POS) systems. IPS/IDS defends against evasion attacks, protects key data, and improves network availability.
- Protect against malware. This is important for any IT team, but now especially as more workers are quickly becoming remote workers. Ensuring protection of company-owned end-user devices becomes critical. This is made easy through the use of Zscaler Internet Security or Cradlepoint Secure Web Filter, depending on the use case.
- Adopt zero-trust networking principles. Cradlepoint's software-defined networking technologies make zero-trust WAN possible by micro-segmenting the network at the site, departmental, or even user and device levels. This practice quarantines attack attempts once they’re inside the network’s perimeter.
- Simplify your Mobile Device Management. Traditional Mobile Device Management (MDM) software relies on complex, clunky VPN architectures. Deploying a virtual overlay network that seamlessly works within your legacy infrastructure streamlines and simplifies MDM. With no need for head-end hardware, IT teams can give employees access to essential files and applications while also quarantining their mobile devices from the rest of the network.
- Extend Active Directory servers to the cloud. Active Directory (AD) is the foundation of enterprise security, ensuring fast and reliable authentication, password compliance, DNS, and more. Today you can use the cloud to extend AD domain services to remote users everywhere, fostering a persistent, LAN-like experience that stays on without user interaction.