The main challenge that enterprises face at the time of the new coronavirus (COVID-19) is to let their employees work from home, causing a cascade of side effects. These range from faulty configurations to a lack of cybersecurity specialists with a sprinkle of increased vulnerability to phishing attacks.
This latest strain of coronavirus has been spreading across the globe since December, causing major disruption in every country where it has appeared.
The blueprint created by the Chinese authorities to tackle the issue is now being adopted in other countries, such as in Italy, where the movements of the entire nation have been restricted, and Greece, where all mass gatherings at theatres, cinemas, museums and sports events have been suspended in several regions.
Apart from the suffering that the virus has brought to many, the main victim of what is now a pandemic is the global economy. The Fed in the US has already cut interest rates, Chinese manufacturing PMI has dropped almost 30%, and investors are fleeing to buy gold.
But where does this leave us from a cybersecurity perspective?
Coronavirus (COVID-19) Brings Cybersecurity Challenges
Because of the virus, millions of workers in China and now in Europe (with the US likely to follow) are being forced to work from home. This is very profitable for UC providers, as everyone is resorting to teleconferencing, but it is also causing unprecedented challenges when it comes to cybersecurity.
Working remotely
Some organisations already let their employees work from home and have VPNs and secure access tools in place. But most enterprises will let their workers access important resources remotely without the proper security infrastructure.
This risk is opening a Pandora’s box of misconfigured databases and excessive use of shadow IT, creating the perfect environment for hackers to strike.
Skills Gap
The cybersecurity industry has faced a crippling skills gap for years now, and there are always more open positions than available specialists to fill them (case in point — the main theme of RSA two weeks ago was the “Human Element”).
This means that cybersecurity teams are already overstretched. Having your IT security team working from home will not affect certain tasks, but if you want your SOC to be effective it needs analysts on site.
If a company has to send its SOC analysts home, its ability to face external threats would be highly diminished. Some enterprises have already put strategies in place to face a pandemic worst-case scenario, but even these would only be able to keep processes going if nothing else goes wrong.
This means that in the case of an attack or a hardware failure, operations might come to a halt with limited chances to remediate in a timely fashion.
New Phishing Threats
Finally, in a crisis, bad actors (both virtual and real) are always ready to strike. It is much easier to scam people by leveraging the fear that a calamity like this causes. In Italy, for example, “government officials” are showing up at people’s homes to “sanitise and sterilise cash as it is a vector for the virus to spread.”
The spread of the coronavirus is creating the perfect ground for widespread phishing campaigns. Employees quarantined at home are more likely to click on suspicious links pushed by a mix of fear, confusion and lack of IT security support.
I am sure that we will see lots of COVID-19 phishing campaigns hitting enterprises that are unprepared and understaffed. These widespread attacks will cause chaos, with long lasting impact on an economy that is already struggling.
To limit the effects of these attacks, organisations should:
- Prioritise the creation of a secure environment for employees to work from home.
- Create disaster recovery policies that can be applied by a skeleton IT security team.
- Stress the importance of employees being extra careful when opening emails.
If you want to learn more about this topic or have any questions, please contact or Claudio Stahnke, or drop your details in the form on the top right.
If you want to know more about how COVID-19 will affect industries, read it here: