In recent weeks, the coronavirus has become the main topic for the global population, health authorities, politicians and organisations. For hackers, the panic and hysteria caused by the situation provide a perfect opportunity to successfully distribute malware. Therefore, the virus topic meets all the requirements for a successful cyberattack.
TABLE OF CONTENT |
People require up-to-date information regarding the virus. TV, radio, online guides and news, newsletters or emails are all sources of information that are accessed by the public.
The topic can be highly emotional, especially when individuals become aware that their region, holiday destinations or even people from their immediate vicinity are affected.
This provides the perfect condition for the rapid distribution of malware. Users will now open emails from unknown senders because they supposedly contain tips or precautionary measures. Some assume they have received an email from a friend who is supposedly ill, but the address of this friend was actually hijacked earlier and is now being misused. These emails often have software attachments that are disguised as a document that will run on the computer when it is launched, and subsequently, install malicious code or encrypt files.
With this, already known malware like Emotet is now being distributed even more successfully. Today, people's desire to receive information is greater than their sensitivity toward possible IT risks. With the help of a spam campaign around the topic "Coronavirus", the Emotet malware made it to the top of the most widespread malware once again in recent weeks.
Security Awareness
Create the necessary awareness for this risk among your employees, for example, with the help of short online training courses on the subject of phishing and social engineering.
Application Control
To prevent malicious programs disguised as attachments from running on your computer, you should install an Application control on your computers and notebooks, which only runs programs and scripts that you authorise through an appropriate whitelist. This way, you can also prevent malware that is not yet detected by common anti-virus programs.
You should always protect your data by encrypting files or the entire hard disk.
Talk to us about how you can optimally protect your employees, systems and data.
However, it is not just the spam campaigns around the sensitive "Coronavirus" topic that poses a risk. Currently, various companies are sending their employees to their home office to protect the workforce from possible infections.
As part of these precautionary measures, it makes sense to check whether the company IT (e.g. notebooks) and the private home office environment meet the requirements for data and IT security.
Here, the objective is also to sensitise employees, for example, to prevent malicious malware from infiltrating the corporate network, and to avert any economic or reputational damage for the company.
Companies are reliant on a VPN and protected Wi-Fi network for encrypted access from the private sphere. This is not effective protection as email programs and the Internet work without a VPN. Even a firewall only provides limited protection against unwanted access.
The following safeguards are essential and should be put in place:
Application Control
As mentioned above, an application control as protection against malware with company-adapted authorisation management.
Hard Disk Encryption
Install a Hard Disk Encryption. This will help you to protect mobile devices such as notebooks from unauthorised external access to your sensitive company data in the event of an incident.
Device control
Allows control of the USB and removable media ports so that, for example, no infected stick or removable media on a home office notebook can transfer and execute unwanted software.