Karrie Ilagan, managing director of Cisco Philippines, said that COVID-19 has changed the world in ways few could have anticipated just a few months ago. “Unfortunately, this rapid change has also exposed potential security weaknesses, as well as new or increased opportunities for attackers and adversaries.”
For Ilagan, as certain tools have now become ‘business critical’, they are being tested in ways previously overlooked and businesses are needing to consider whether they can stand up to this increased scrutiny.
“Preying on an individual’s fears has always been a go to tactic of cybercriminals, so it’s no surprise that fears about the global pandemic have led to multiple COVID-19-themed campaigns claiming to have hard-to-get emergency supplies and more,“ Ilagan said, adding that Cisco Umbrella has – in fact – seen a surge in Internet requests to domains that include the word ‘covid’ or ‘corona’ over the past months.
On February 19, Cisco’s enterprise customers made 562,144 queries to 8,080 unique domains containing these keywords. By March 19, the company saw a 1,907% increase in requests – that is 11,287,190 requests, across 47,059 domains containing these keywords. Four percent of these 47k domains were blocked as malicious sites.
Cisco Talos also recently observed a significant increase in phishing attacks leveraging COVID 19, as well as recent economic stimulus information from the US Government. Cisco Talos observed three broad categories of attacks leveraging COVID with known APT participation in each of these categories: malware and phishing campaigns using COVID-themed lures; attacks against organizations that carry out research and work related to COVID ; and fraud and disinformation.
And so “Cisco continues to track malicious campaigns themed towards COVID-19. Cisco Umbrella analyzes over 180 billion Internet requests per day – protects users from malicious Internet destinations before they can be used in attack campaigns. Delivered from the cloud, Cisco Umbrella can quickly be scaled to protect remote workers.”
Ilagan said that “in the blink of an eye, a ‘new normal’ has been established for legions of workers who were once accustomed to meeting in conference rooms – now the world is completely online. We have to do everything we can to help power business continuity, but also keep people and organizations secure – and protect their privacy.”
This is because modern threats look to take advantage of this swift move to a remote workforce, and center on gaining remote access to users’ apps and data – whether on their devices they’re using to access corporate resources; via COVID-19 themed malicious domains or phishing attacks; or even by taking advantage of potential security weaknesses in collaboration tools.
In fact, “remote working collaboration tools (including video conferencing like Webex) have become a lifeline for businesses and their people to stay connected and productive – and now malicious actors are catching on, targeting collaboration tools for the highly sensitive data often shared on these platforms. Security is not top of mind for all tools.”
So for Ilagan, in moving towards a remote setting, organizations should assess collaboration solutions to ensure that they adhere to the company’s levels of acceptable risk in three areas.
First, “consider what the company does with any data they collect. It’s been long said that if the product is free, you are the product.”
Second, “encryption in transit for web conferencing is a must while everyone is working from home on untrusted networks.”
And third, “users must be privacy aware and take steps to ensure secure video conferences remain secure.”
Some of these steps are:
- Disable all features you’re not using – including microphone, camera, screen sharing and file sharing.
- Use a webcam cover to physically block video sharing. Some video conferencing automatically turn on video as soon as you join the call or allow hosts to turn on participant’s video. The Cisco Webex DX80 comes with a built-in shutter to provide this functionality.
- If you are going to be sharing your screen, disable desktop notifications and make sure that your wallpaper and other windows are something you’re ok with sharing.
- Don’t re-use meeting codes and set passwords.
- Require the meeting owner’s approval for guest access to meetings and recordings.
As one of the few companies with the technology, people, partners and global scale to help customers stay connected, supported, and secure, Cisco eyes to “connect employees and teams, students and teachers, doctors and patients.”
“In response to today’s unprecedented challenges, we have been providing free collaboration tools and security offerings, along with a suite of cloud-based services to get customers up and running quickly,” Ilagan said.
Some of the Cisco solutions that allowed businesses to continue despite global disruptions and their usage throughout the pandemic are:
- Cisco Security has protected millions of users since the start of the security offerings on March 10, and the number is growing exponentially every day.
- Duo Security (multi-factor authentication) has seen more than 3,300 new organizations signing up globally in the last week alone; this is a 200% increase on the usual weekly sign up rates.
- As part of Cisco, the world’s largest enterprise security provider, Webex is trusted by 95% of the Fortune 500. Our guiding principle has always been Collaboration Without Compromise.
- Webex is committed to respecting the privacy of user data.
- Cisco does not rent or sell user data to third parties.
- Cisco’s software development lifecycle (SDLC) is ensures products are developed with security built-in as a foundational element.
- Webex is secure out-of-the-box and by default.
- Cisco ensures that dedicated room meeting IDs are assigned and secured with passwords by default.
- Webex default security settings prevent Man in the Middle attacks (e.g., hackers changing user-written text in transit). Webex sees any 3rd party proxy as a man in the middle attack and denies access.
- Webex provides end-to-end encryption for data in use, in transit and at rest with a key the customer controls.
- Webex transcription is done in-house with Voice so your transcriptions never go outside your cloud to a third party.
- Webex has security governance and is transparent with security issues
- Cisco has an independent Security and Trust organization, separate from the product engineering organization, with governance over Webex
- Security vulnerabilities – including 3rd party penetration tests – are immediately remediated and proactively disclosed.
- Webex is committed to respecting the privacy of user data.
- Webex has the biggest collaboration platform in the world.
- Cisco has supported more than 73 million secure Webex meetings for everyone from federal governments, universities to grades schools, life-saving healthcare operations, wand the businesses big and small.
- Webex saw 240,000 online signups in a single 24-hour period. This is a platform that, before this crisis, was running 300 million users per month.
- In one day alone, Webex handled 4.2 million meetings – more than twice the average on a peak day before the pandemic.
- Cisco has hosted 14 billion meeting minutes in March, more than double the number in February
WORKING FOR CHANGE
Moving forward, and knowing that something like Covid-19 may happen again, what is the best lesson that companies/businesses can learn from this experience?
“As COVID-19 continues to upend businesses, the trend towards remote work will only accelerate. COVID-19 has changed the world in ways few could have anticipated just a few months ago. Unfortunately, this rapid change has also exposed potential security weaknesses, as well as new or increased opportunities for attackers and adversaries. As certain tools have now become ‘business critical’ they are being tested in ways previously overlooked and businesses are needing to consider whether they can stand up to this increased scrutiny,” Ilagan said. “Consumers and enterprises using these tools should be secure by default, without the burden of configuring settings. Collaboration tool providers are accountable for providing seamless experiences to its users without compromising their safety and need to ensure that security and compliance are baked into the entire virtual working experience from the ground up.”
For Ilagan, for many CIOs and IT teams, the speed and global sweep of these changes are unlike anything they’ve experienced. Stress is at an all-time high as teams work day and night to support unprecedented IT demands and deadlines. Supporting the increasing demand for remote workers while minimizing disruption will require the addition or rapid expansion of existing compute infrastructure.
“The key is to accept that these changes are here to stay, and organizations need to assess the gaps in their operations that can be addressed by early investments in technology. At the same time, organizations should not be pressured to adopt all kinds of innovation that are out in the market. The important factor is to innovate with the right technology that serves specifically what the organization needs, and complement with the necessary training for all the users to maximize potential of these tools. After all, technology is only as good as the people who use it,” Ilagan ended.