NEC is committed to providing visibility on cyber security threats and offering advice during the COVID-19 pandemic.
Our senior security analysts in our Australian Cyber Security Operations Centre have put together a list of resources, updates and advice to help you stay cyber-safe during these uncertain and unprecedented times.
Safe video conferencing – avoid getting Zoombombed
With the new era of work from home upon us, Zoom has quickly become one of the preferred platforms to host meetings. One of its main vulnerabilities, guessing meeting IDs, has even created a new word in our industry – Zoombombing.
With more time on their hands at home, attackers are focusing efforts on exploiting platforms such as Zoom to gain unauthorised access to meetings and recordings, gather email addresses or make users click on malicious links in meetings. Recent updates from Zoom now prevent many of these risks. NEC recommends that organisations carefully consider the security and privacy needs for the meetings they hold, especially if they involve corporate IP or recordings of children or other vulnerable individuals.
Other recent malicious activity
Malicious individuals and groups are pursuing other activities to try to access private information:
- They are pretending to send emails from trustworthy sources such as the World Health Organisation (WHO) or your HR and IT Departments. NEC recommends that employees should be extra vigilant when opening emails and clicking on links. IT departments must ensure that their security systems use the latest threat intelligence databases from security vendors enhanced by those from the US Cybersecurity and Infrastructure Security Agency (CISA) to filter and check for any potential compromises to systems.
- Established and new malware (e.g. Gozi trojan, NetWalker, CoronaVirus) are trying to steal personal information or make users download malicious apps by using coronavirus or COVID-19-related themes, such as “Budget savings due to coronavirus”.
- Emails can have attachments or embedded code. Remain vigilant for these existing threats even though they seem to be prevented by many anti-virus agents including Microsoft Office 365 Threat Intelligence.
- INTERPOL has detected an increase in attempted ransomware attacks against organisations and infrastructure involved in the response to COVID-19, including holding hospitals and medical services systems hostage. NEC recommends that these types of organisations be extra vigilant.
- Be wary of SMS scams, known as Smishing. While there are official Australian government messages being sent out, be careful. If in doubt, ignore the message.
- Do not give out personal details or organisation information, or make any financial transaction (e.g. fine or penalty notice), via unsolicited phone calls, emails, SMS, WhatsApp or other types of social messaging systems.
- If you are unsure whether an email request is legitimate, attempt to verify it by contacting the company directly, preferably through a phone number that you have confirmed yourself (do not rely on information or URLs in the email request to verify it).
- Verify the legitimacy of a website before supplying information. If you are suspicious of a URL, do not click on it. However, if you accidentally click on a link while using a work laptop, inform your IT help desk immediately.
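- Ensure websites are using secure connections – look for a padlock or HTTPS in the address. A padlock shows only that the connection is encrypted, not that the site itself is legitimate, so still verify the site before supplying information.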
Safe COVID-19 Sites
NEC has put together a list of Federal and local Government URLs that can be safely used to get COVID-19 updates.
- New South Wales: nsw.gov.au/covid-19
We are all busy and many of us are in different work surroundings. Taking a little extra care in what we click on and consume may save us a whole lot of pain later.
Our team are happy to help you directly if you have any concerns for your organisation. Contact us if you need assistance.