Kaspersky – Cyberattacks during a pandemic

GadgetGuy participated in an interesting teleconference (using Microsoft Teams) hosted by Vitaly Kamluk, Kaspersky Director of APAC Research Group. What is the best cybersecurity practice in a pandemic?

I won’t go into the full hour but will highlight a few of the main points. The best security during a pandemic is to remain vigilant to the millions of scams trying to get you to click on a link.

How to stay safe working remotely during a pandemic

Using work computers at home

Many brought their work computers home (as they should), but remember that these usually have some form of central support and updating. The longer the lockdown goes on, the more out of date that central patching becomes. Talk to your system administrator to see how to keep up to date.

Many companies have opened remote desktop or server access via RDP (Remote Desktop Protocol), FTP (File Transfer Protocol) or similar. That is wrong, and you need to use a secure cloud service like Microsoft OneDrive to share files.

Businesses need to increase response/awareness/action plans! They must be more vigilant as the weakest link – a home computer – could compromise the office network.

They must insist on 2FA or biometric logins and change passwords regularly. All access to a corporate network should be via a VPN – whether via a PC or mobile.

There are millions of web threats out there

Bought a computer and don’t have enterprise protection

Many have bought or used home computers but are unaware of the need to keep them patched and run strong, paid antivirus and malware endpoint protection. They have no budget for cybersecurity, so they use free software like Windows Defender, free VPNs etc. Again, talk to your system administrator if you have one and get paid protection.

Don’t know how to identify if something is not quite right

If your computer is sluggish, popping up ads or doing things you don’t think are right, then act now. Get to know where you can get emergency cyber response assets/people and turn the computer off until they can respond. If they do it remotely, be very sure of their pedigree, as granting remote access gives them full access to your computer – as if they were you.

Protect your home network

Look at network intrusion prevention devices like D-Link’s D-Fend router that stops the millions of automated bots getting into your router via weak passwords or unprotected devices. Change router passwords regularly.

What are the scams to be aware of?

Help by reporting scams to Scamwatch – there are new ones all the time. Use common sense and be sceptical – have a clear mind – people are the weakest link.

  • Lots of executable .exe COVID network worm names!
  • Lots of web threats! Blocked by Kaspersky AV
  • Lots of COVID named malware
  • COVID games!
  • WHO Scams abound
  • Online purchasing scams for medical, drugs and other equipment
  • Email
    • close down orders – open remote access – or you can’t access work computers!
    • money reimbursement offers to go directly to an employee bank account
    • the promise of a vaccine, especially with a WHO logo
  • Other topics – all scams

Social engineering ‘spear-phishing’ is growing. Perhaps the lockdown means more people are trying to make money by scams. Cybercriminals are working hard!

Here are a few examples

[Example images]
Note the misspelling of COOVID

If you are not part of the solution you are part of the problem

Stop sending/forwarding/looking for COVID themed emails/releases. It is not socially responsible to play on fear, and a good percentage will be scams.

Who is most at risk?

At present, medical agencies are most targeted. But anyone with a vulnerable computer is a target for automated web bots looking for weaknesses.

But unless you are vigilant you are at risk.

What about video conferences and Zoom in particular?

Our best advice is for companies to run a dedicated video server on company premises – do not use free or cloud-based ones unless they can be trusted. Kaspersky uses Microsoft Teams.

Zoom is popular, but there are three things you must consider.

  1. It is improving [security] but can it keep up with the bad guys? I don’t think so!
  2. Zoom is the hot commodity! As it is popular, it will be attacked more by the bad guys.
  3. It is an easy target and facilitates secret snooping, downloading malware/spyware and more

GadgetGuy has a comprehensive article on Zoom here.

Zoom's serious security breaches

Avoid any teleconference software that requires a downloaded app to use, such as Zoom. All you need is a browser, as with MS Teams.

If you care about confidentiality, do not use free, cloud-based tools. I do not recommend Zoom – get out of the crosshairs of most attacks.