Early Security Lessons Learned from a Worldwide Crisis
By Daniel Schwalbe
As we enter the third month of the global pandemic, it has become clear that the virus is wreaking havoc on our lives in many ways. For a significant portion of the U.S. population, the lockdowns and stay-at-home orders necessary to contain the spread of the virus have also severely impacted the ability for some workers to perform their jobs.
For those fortunate enough to be able to do their job from home, the sudden transition from office worker to "remote worker" has, in many cases, been very challenging. Even for those of us working at companies like Farsight, which has been fully remote since day one, this "new normal" required some adjustment. My colleague Ben April recently wrote an insightful blogpost on this topic, Managing Remote Teams in Interesting Times.
From a business standpoint, the pandemic has forced companies to rapidly adopt entirely new ways of operating. This introduced additional challenges, especially in the area of cybersecurity. Many new remote workers now may be using their own personal equipment for connectivity, which may be out of date and in need of security updates. And in some cases, employees might inadvertently be failing to comply with data privacy regulations due to the lack of proper controls introduced by a hastily set up remote environment.
Cybercriminals have been quick to take advantage of these challenges. Last month, the U.S. Department of Justice (DoJ) announced in a press release that federal authorities, working in an “ongoing cooperative effort between law enforcement and a number of private-sector companies, […], had disrupted hundreds of internet domains used to exploit the COVID-19 pandemic to commit fraud and other crimes.”
Fortunately, organizations are quickly learning valuable lessons from this crisis to better protect themselves.
One lesson is that effective communication between Security as well as IT leadership and the newly remote employees is now more important than ever. Leaders need to check in often with their teams, set clear expectations about secure behavior, and provide guidance about how to avoid threats such as phishing attacks and other unusual online activity.
Good communication can go a long way toward helping employees make the right decisions regardless of where they are physically located. Regular contact can help people stay informed about threats, and make them less vulnerable to social engineering.
And don’t forget about the more traditional communication methods such as the phone, or even newer versions such as video chat. It’s easy to mistake a digital phishing attempt for the real thing when the stress of the “new normal” is bearing down on you. But hearing the familiar voice of a co-worker on the phone or seeing team members on a video meeting can go a long way to make sure any instructions received are authentic and not a scam attempt.
Organizations that previously had no remote employees, or only had a very small remote footprint, are also learning how to scale secure network infrastructure to cope with the sudden surge of remote workers. That might include deploying new (or adding capacity to existing) virtual private network (VPN) technology, introducing or increasing the use of multi-factor authentication, and adding additional layers of security to existing corporate systems.
Knowing what cybercriminals may be able to learn about your IT infrastructure is critical information to help you protect your organization against those adversaries. Farsight offers a number of DNS data solutions to help organizations protect their users and infrastructure including:
DNS Changes lets organizations easily monitor their DNS worldwide and alert on unauthorized changes due to operational accidents — or an attack.
Newly Observed Domains (NOD) provides organizations with real-time actionable insights based on the newness of a domain and can help stop phishing attacks in their tracks.
During this global pandemic, where a remote workforce became the “new normal” seemingly overnight, it is critical that IT and Security Teams have the tools they need to keep the business running securely while enabling remote workers to do their jobs productively.
Daniel Schwalbe is the Director of Engineering and Deputy CISO for Farsight Security®, Inc..