<< Back To News

Valkyrie: COVID-19. April Update

By Valkyrie | 21 Apr 2020

Valkyrie remain open for business and provide security advice amidst the COVID-19 crisis

1587485784.JPG

Following our 1st update to our valued client base (March 20) regarding the global COVID-19 pandemic, most businesses will hopefully now be working in accordance with their individual Business Continuity Plans. 

Valkyrie continues to be here for all of our clients, and we are fully available to help you maintain the highest Cyber-Security Resilience against pernicious multiple attacks from opportunist and professional Criminal Hackers whilst ensuring your Policies, Processes and Procedures are absolutely fit for purpose.

Our Latest top tips for things that you can do during these unprecedented times, is to ensure that the following security considerations are also being made:

·       Working from home during this crisis provides additional challenges, with Cyber Criminals now more than ever are targeting employees, execs and IT staff trying to get on to corporate networks via VPN’s. Other attacks that have seen an increase are services like Zoom where researchers have found weaknesses in the security that attackers are exploiting in the wild. Be mindful of the fact that any third-party service can be used as a valid attack vector to steal credentials or gain unauthorised access to a machine, or network. Ensure that the following is considered:

o   Penetration Testing via VPN to understand how an attacker with limited or no credentials could gain unauthorised access to network/domain services, and if they can pivot to critical assets

o   Ensure that critical third-party services such as Service Desk, conferencing services, and websites are tested during this time to ensure that attackers do not take advantage

o   Harden all services, and monitor for new threats, NCSC ( https://www.ncsc.gov.uk/ ) has good threat briefings on critical advisory vulnerabilities

§  https://www.ncsc.gov.uk/report/weekly-threat-report-17th-april-2020

§  https://www.ncsc.gov.uk/news/security-agencies-issue-covid-19-cyber-threat-update

 

·       COVID-19 specific cyberattacks are continuing in high volume and a prime example of cyber criminals leveraging the current global pandemic is seen with the creation of over 100,000 domains containing the word COVID-19 or coronavirus, the majority of these will be used to push fake intel or used for credentials phishing or distribution of malware. Always verify the email, then trust. Ensure that users are trained and constantly made aware of the risks during this heightened state of risk. Be extremely wary of Smishing (SMS phishing) and ensure that all users are aware of the risks

 

·       Ransomware is an extremely high risk at the moment with attackers looking to capitalise, again ensure exposed RDP/VPN services are hardened, ensure that monitoring is in place to detect malicious activity and make users aware of how to report any suspicious activity. Groups like REvil (Sodinokibi), Maze, and trojans like Emotet (usually used to distribute ransomware), are seeing massive spikes in activity so be on high alert

 

·       With this unprecedented environment that businesses are all currently operating in, the reliance and demand of workforces using video conferencing platforms is at an all-time high. Given the recent high-profile security issues faced by remote workers using Zoom video conferencing for example, the following 8 key steps / guidelines should be followed to create increased security for organisations, your clients, suppliers, and your people.

 

  1. Be careful about sharing your meeting ID publicly
  2. Always use passcodes (this is now set as default after update, but make sure this is not disabled)
  3. Know your provider’s data privacy policy
  4. Keep watch on meeting joiners
  5. Master the controls
  6. Use live meeting controls for large meetings and events
  7. Use browser-based meetings to avoid download delays
  8. Practice basic security hygiene

Valkyrie is here to help each and every one of our valued clients. We understand that during this troubled time where everyone is focusing on Availability, we are also ensuring we help you protect the Confidentiality and Integrity of your critical informational assets. The dedicated and loyal team at valkyrie are at the front line of defence. We understand the heightened risks that the current global crisis can pose and have the expertise and experience to assist. We want to provide all our loyal clients with the very best technical and commercial support you need to protect your employees, suppliers, clients, and overall business with focussed initiatives where you need them most in a time and budget that works for you.

All at Valkyrie hope you, your family and your colleagues stay safe. We will get through this together.

 

 

Valkyrie

<< Back To News