The Impact of COVID-19 (Corona Virus) on Network Administration Teams
The recent outbreak of the COVID-19 (Corona Virus) has had challenging implications for communities and organisations around the globe. Many governments asked individuals to work from home where possible in an attempt to reduce the spread of the virus.
With millions of people deciding to work from home to reduce the spread of the virus, it is now more important than ever to ensure that your network is fully secure as cyber criminals will use every opportunity to infiltrate your systems.
Here we outline some practical steps to help you take appropriate cyber safety measures:
Be aware of the increase in Phishing:
Cyber criminals have switched their focus to exploiting the anxiety that has spread amongst the general public. Criminals are targeting vulnerable individuals using Phishing emails which have attachments claiming to provide updates and information regarding safety measures. Due to the high levels of concern, many individuals may make impulse decisions to engage with such emails and completely disregard cyber security best practices.
For this reason, there is a duty of care for organisations to brief employees on the importance of staying vigilant and recognise the potential danger when interacting with emails from unknown sources.
Test the level to which your systems are prepared:
It is safe to assume that organisations will experience a substantial increase in the number of devices accessing their network remotely. Companies with an agile workforce may be well prepared for this influx of remote traffic and will have appropriate multi-factor authentication and sophisticated VPN’s in place.
We recommend Cyber security teams increase their focus on monitoring activity from “work from home” devices as these are potential weak points cyber criminals will target.
COVID-19 poses a great challenge for those who are not prepared. There is a significant chance that the increase in remote traffic will put severe pressure on IT teams as users will have access to sensitive data via a potentially unsecured network/device.
Such organisations should quickly assess and implement proper BYOD policies. VPN’s need regular patching and networks should be load tested to ensure the increased level of traffic can be managed efficiently.
Prepare for network disruption:
Remote access can make it challenging for IT staff to monitor and identify threats to the network.
When workers are in their regular office environment, the cyber team can immediately quarantine a device when a potential threat is identified by disconnecting the endpoint from the organisations network.
In a remote working environment, companies must make sure that security staff can quickly identify and deal with a compromise.
Organisations should consider an enterprise risk approach. This should involve practicing business continuity plans and senior management response through simulations that focus on cyber breach scenarios as well as how unexpected events can potentially impact automation, connectivity and cyber recovery.
Organisations should consider shielding themselves against the increased possibility of network disruption through a cyber insurance policy which can provide protection in the case of business interruption losses as well as any financial hits that arise from hiring forensic experts to deal with a breach.
But when doing so the issue of “Silent Cyber” needs to be addressed with the Insurance company to ensure you know what you are covered for and what you are not covered for.
COVID-19 presents real challenges for Network Admin Teams around the globe and these teams need as much support as can be given to ensure normal standards of service can be maintained. Over the coming weeks IT Teams will need to carry out Compromise Assessments to ensure nothing has breached the network during the chaos caused by the Corona Virus.
If you are suspicious that your network has been breached during the Covid-19 crisis, get in touch and we will work with you, within your means, to identify any hidden threats and will deliver forensic analysis around how the breach occurred.