Securing the Organization’s IT Assets Amidst COVID-19Justin Pineda CISSP, GWAPT, GMOB, CEH
Principal Consultant, Pineda Cybersecurity
https://pinedacybersecurity.com/
1Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Discussion Points
• How organizations are affected by COVID-19
• Common cybersecurity issues faced
• Cybersecurity defense against attacks
• Future actions to maintain security posture
2Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
How organizations are affected by COVID-191 of 4
3Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Business Impact
• In an Accenture report, they discussed impacts on:• Systems
• Experience
• Operations
• Commerce
• Customers
• Supply Chain
• Leadership
• Workplace
4Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
(COVID-19: Managing the human and business impact of coronavirus, Accenture, 2020)
Business Impact
• In an Accenture report, they discussed impacts on:• Systems – system resilience
• Experience – customer behavior
• Operations – business continuity
• Commerce - commerce innovation
• Customers – move at unprecedented speed
• Supply Chain – supply quickly, safely & securely
• Leadership – new patterns of work
• Workplace – shift to remote working, higher rates of SL
5Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
(COVID-19: Managing the human and business impact of coronavirus, Accenture, 2020)
Business Impact
• In an Accenture report, they discussed impacts on:• Systems – system resilience
• Experience – customer behavior
• Operations – business continuity
• Commerce - commerce innovation
• Customers – move at unprecedented speed
• Supply Chain – supply quickly, safely & securely
• Leadership – new patterns of work
• Workplace – shift to remote working, higher rates of SL
6Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
(COVID-19: Managing the human and business impact of coronavirus, Accenture, 2020)
Business Impact - Systems
• Business continuity risks
• Surge in transaction volumes
• Workforce productivity challenges
• Security risks
7Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
*According to a 2019 Accenture Survey of 8,300 companies as respondents
(COVID-19: Systems resilience in times of unprecedented disruption, Accenture, 2020)
Common cybersecurity issues faced2 of 4
8Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Attacks on NASA
9Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
(NASA sees an “exponential” jump in malware attacks as personnel work from home, ARS Technica, 2020)
Local – BPI Phishing attacks
10Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
(BPI warns public about increasing COVID-19 scams, 2020)
Google: 18M Malware & Phishing in 1 Week
11Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
(Google saw more than 18 million daily malware and phishing emails related to COVID-19 last week, The Verge, 2020)
Trend Micro: COVID-19 Themed Attacks
12Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
(Developing Story: COVID-19 Used in Malicious Campaigns, Trend Micro, 2020)
COVID-19 Case Tracker filled with Malware
13Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
(Spyware disguised as COVID-19 tracker app actually keeps track of users, SC Media, 2020)
Summary
14Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Increased number of phishing attacks using coronavirus references as bait.
Enhanced risk of cyberattacks on company networks due to reduced IT staffing and/or need to focus on supporting remote access at the expense of security.
Business continuity risks arising from the potential lack of system and connectivity resources to handle surge in remote work, compounded by the heightened risk of cyberattacks that could disrupt operations.
(Coronavirus and Remote Work Heighten Cybersecurity Risks, Jones Day, 2020)
Cybersecurity defense against attacks3 of 4
15Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
SANS Security Awareness Deployment Guide
16Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
https://www.sans.org/
Securely Working for Home
17Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Periodic Security Awareness reminder for employees
Accessible IT/Cybersecurity team for security incidents
Clear policies and guidelines for employees
Management support in every step of the way
Caveats
• IT/ Security Team
• Common mistake is to manage a lot of risks identified.
• Limit and prioritize risks
• Communications Team
• Explaining the risks and security issues in layman’s term may not be the strongest skill of technical guys.
• Strong partnership with Comms Team is important.
18Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
3 Core Risks
19Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Social Engineering
Strong Passwords
Updated Systems
Social Engineering
20Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Psychological attack where attackers trick or fool victims.
Key Points:
Train employees what social engineering is
How to spot most common indicators of social engineering
What to do when they spot one
SANS Social Engineering Free Materials
• Fact Sheets, Posters, Templates -https://ssahub.sans.org/folders/19qytvyc
• Social Engineering Video -https://bit.ly/3aEABUR
21Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
22Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
23Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
24Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Strong Passwords
25Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Weak passwords continue to be one of the primary drivers for breaches on a global scale.
Four Key Behaviors
• Passphrases
• Unique passwords for all accounts
• Password managers
• MFA (Multi-Factor Authentication)
Use Passphrase
26Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
https://www.useapassphrase.com/
Password Managers
27Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
https://www.lastpass.com/ https://keepass.info/
Multi-Factor Authentication (MFA)
28Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
https://lastpass.com/auth/
https://chrome.google.com/webstore/detail/authenticator/bhghoamapcdpbohphigoooaddinpkbai?hl=en
29Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
SANS Password Free Materials
• Fact Sheets, Posters, Templates -https://ssahub.sans.org/folders/b1bslq1y
30Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Updated Systems
31Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Ensure that applications and OS are running the latest version.
Require enabling automatic updating
Other topics to consider
• Detection/Response
• Wi-Fi (Securing your Wi-Fi Access Point)• Cyber Secure Home:
https://www.sans.org/sites/default/files/2020-03/02-SSA-WorkingFromHome-FactSheet.pdf
• VPN’s
• Working Remotely
• Children/Guests
32Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
For more details…
33Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
https://www.sans.org/sites/default/files/2020-03/01-SSA-WorkingFromHome-DeploymentGuide_1.pdf
Future actions to maintain security posture 4 of 4
34Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Specific Security Policies
35Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Create specific and granular password policies to include use of password managers and MFA
Create Policies on Remote Work (VPN, Internet connection, Backup)
Update Acceptable Use Policy to include Remote Work sections.
Security Awareness Roadmap
36Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Phishing Strategic Planning
37Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Goals
• Reduce Phishing Risk
• Increase Detection Capabilities
Contents
• Executive Summary
• Goals
• Planning
• Keys to Success
• Offenders
• Following-up
• People Reporting Phishing Attacks
• Tiered Phishing Templates
• Metrics and Measurement
Security Awareness Survey
38Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Provides insight into information security awareness within your organization
Consist of questions designed to measure a set of basic characteristics of the organization’s security awareness posture
Some questions collect factual data (role, time in job, etc.)
Some questions collect data about the user’s awareness, attitudes and behaviors
Information Security Ambassador
Responsibilities include:
• Raise awareness to the Information Security Handbook
• Award Handbook Completion Certificate
• Participate in monthly calls with IT/Cybersecurity team to get updates on the latest security incidents and news
• Participate in awareness campaign
• Coordinate topical Brown Bag session
39Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Metrics
40Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Behavioral Metrics can be difficult especially during WFH. (Ex. Securing Wi-Fi device)
Measure engagement instead
Interaction (questions & suggestions from staff)
Simulations (social engineering exercise)
References
• COVID-19: Managing the human and business impact of coronavirus
• Link: https://www.accenture.com/ph-en/about/company/coronavirus-business-economic-impact
• NASA sees an “exponential” jump in malware attacks as personnel work from home
• Link: https://arstechnica.com/information-technology/2020/04/nasa-sees-an-exponential-jump-in-malware-attacks-as-personnel-work-from-home/
• BPI warns public about increasing COVID-19 scams• Link: https://www.bpi.com.ph/service-in-the-time-of-covid-19/bpi-
warns-public-about-increasing-covid-19-scams
41Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
References
• Google saw more than 18 million daily malware and phishing emails related to COVID-19 last week
• Link:https://www.theverge.com/2020/4/16/21223800/google-malware-phishing-covid-19-coronavirus-scams
• Developing Story: COVID-19 Used in Malicious Campaigns
• Link: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/coronavirus-used-in-spam-malware-file-names-and-malicious-domains
42Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
References
• Coronavirus and Remote Work Heighten Cybersecurity Risks
• Link: https://www.jonesday.com/en/insights/2020/03/coronavirus-remote-work-cyber-risks
• Cybersecurity Tips for Remote Working & Learning During COVID-19
• Link: https://it.nc.gov/resources/covid-19-resources/cybersecurity-tips-remote-working-learning-during-covid-19
43Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
References
• Spyware disguised as COVID-19 tracker app actually keeps track of users
• Link: https://www.scmagazine.com/home/security-news/mobile-security/spyware-disguised-as-covid-19-tracker-app-actually-keeps-track-of-users/
• Managing Cybersecurity and Data Privacy Concerns During the COVID-19 Pandemic
• Link: https://www.jonesday.com/en/insights/2020/04/covid19-cybersecurity-and-data-privacy-concerns
44Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
References
• How to protect yourself from cyberattacks when working from home during COVID-19
• Link: https://www.weforum.org/agenda/2020/03/covid-19-cyberattacks-working-from-home/
• Security Awareness Deployment Guide – Securely Working at Home
• Link: https://www.sans.org/sites/default/files/2020-03/01-SSA-WorkingFromHome-DeploymentGuide_1.pdf
45Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Further Reading
• Systems Resilience Managing unprecedented disruption with an eye to the future
• Link: https://www.accenture.com/_acnmedia/Thought-Leadership-Assets/PDF-2/Accenture-COVID-19-Systems-Resilience-in-Times-of-Unprecedented-Disruption.pdf
• Cybersecurity During COVID-19 • Link:
https://www.schneier.com/blog/archives/2020/04/cybersecurity_d.html
• Work-from-Home Security Advice• Link: https://www.schneier.com/blog/archives/2020/03/work-from-
home_.html
46Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Further Reading
• Avoiding Phishing Attacks• Link: https://it.nc.gov/resources/cybersecurity-risk-
management/cybersecurity-awareness/online-safety-tips/avoiding-phishing
47Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Templates/ Fact Sheets
• Security Awareness Resources• Link:
https://www.dropbox.com/sh/v9y96jet035l6sj/AADFzdVfdXmC5qunzmrXj41Ja?dl=0&lst=
• Creating a Cyber Secure Home• Link: https://ssahub.sans.org/folders/a6r4a4cs
• Malware• Link: https://ssahub.sans.org/folders/esmmm1px
• Passwords• Link: https://ssahub.sans.org/folders/b1bslq1y
• Social Engineering• Link: https://ssahub.sans.org/folders/19qytvyc
48Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Training Videos
• Social Engineering: https://bit.ly/3aEABUR
• Creating a Cyber Secure Home: https://bit.ly/2Y5xuCS
• Working Remotely: https://bit.ly/3aJIokl
49Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Company ProfileEstablished in 2017, Pineda Cybersecurity is aManila-based IT consulting company thatprovides cybersecurity instruction and services atreasonable rates. Since then, we haveconducted several cybersecurity workshops,from technical to managerial, for local andmultinational firms. Our diverse portfolio includesgovernment agencies, banks, real estatedevelopers, manufacturing businesses,academe, utilities, law firms, food groups, andtravel agencies. Backed by industryprofessionals with years of experience and astrong grip in the field of information technology,our team is founded to create a culture ofinformation security by sharing our expertise andestablishing networks.
50Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Company Profile
Apart from workshops, Pineda Cybersecurity also provides consulting services such as
• Regulatory and administrative services
• Data Privacy Compliance
• IT Security Audit
• Risk Management
• Technical services
• Vulnerability Assessment and Penetration Testing (VAPT)
• Open-source security controls implementation.
51Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Philippine Department of ICT Recognition
We are recognized by the Department of Information and Communications Technology (DICT) as a Cybersecurity Assessment Provider for Vulnerability Assessment and Penetration Testing (VAPT) and Information Security Management System (ISMS).
52Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020
Securing the Organization’s IT Assets Amidst COVID-19Justin Pineda CISSP, GWAPT, GMOB, CEH
Principal Consultant, Pineda Cybersecurity
https://pinedacybersecurity.com/
53Securing the Organization’s IT Assets Amidst COVID-19 v1.0 | J. Pineda | Apr 2020