As a significant portion of the work force has transitioned to remote working during the COVID-19 global pandemic, the level of cybersecurity threats has increased dramatically, especially given the increased use of electronic devices previously used primarily for personal use. These attacks can have major business consequences depending on an organization’s security controls. As working from home practices are expected to become more prevalent post-COVID-19, the following are precautionary steps that organizations should consider implementing to mitigate the risk of cybersecurity threats inherent in a work-from-home environment:
1) Additional Cybersecurity Training.
- Firms should consider additional cybersecurity training, with a particular emphasis on the areas in which remote working is most vulnerable.
- Remind employees of the need to report cybersecurity breaches promptly.
2) Phishing Scams.
- Users should be cautious when using videoconference applications and only accept known meeting invites obtained from email or telephone communications. Be wary of meeting invitations from videoconference providers, as there have been reports of fake invitations. Firms should verify that videoconferencing platforms are properly secured and that passwords are required for all corporate meetings.
- Firms may wish to consider performing their own mock phishing test drills on their personnel, followed by security awareness training.
- Cyber criminals are notorious for attempting to capitalize on current market events and conditions. Recent attacks have attempted to capitalize on COVID-19 communications, such as false CDC and coronavirus updates, impersonations of executives discussing business continuity plans, requests for charitable contributions, requests for passwords to sensitive information, fake “remote work testing” emails and more. Companies should remind employees to be vigilant before clicking on any links or providing any sensitive information via email. Generally, be on the lookout for suspicious communications and phishing emails.
3) Network Security.
- Wi-Fi: Personnel should be reminded that public Wi-Fi networks are unsecured and that information accessed and transmitted over public or unsecured networks can be accessed by third parties. It is recommended that only password-protected Wi-Fi networks be used.
- Virtual Private Network (VPN) Usage: If shared Wi-Fi connections are an employee’s only internet access, firms should consider assisting their employees in establishing VPNs. Moreover, those employees already using a VPN should ensure that it is current with the latest available security patches.
- Multi-Factor Authentication (MFA): Additionally, firms should consider the use of MFA for employees working remotely. Employing MFA, where possible, reduces the impact of account compromise as it adds another layer of identification.
- Backup: Firms should consider providing and augmenting backup connectivity to the VPN and/or backup arrangements for scenarios where MFA services are down. Access to modify backup MFA controls should be limited to a select group of IT professionals.
4) Cyber Incident Response.
- Firms should review their existing cyber incident response procedures and related business continuity plans and communicate preparedness to employees.
- Firms should also be prepared to respond to a cybersecurity breach remotely. Preparation should include ensuring that assisting IT personnel have hard copies of all relevant plans and contact information for those key personnel who need to be contacted during a breach.
5) Third Party Check-Ins.
- Many companies outsource or rely on third parties for some type of infrastructure support. During a time when firms are depending so heavily on telework and remote access, companies should communicate with all such vendors to understand the measures they are taking to ensure continuity of services and security in the event they are subject to a cyberattack.
- Firms should also be prepared to respond to similar inquiries from their clients.
6) Cybersecurity Insurance: As working from home practices continue to grow, firms may want to consider the purchase of cybersecurity insurance. Cybersecurity insurance policies can cover many expenses related to a cybersecurity breach, such as legal expenses, forensic teams, notification expenses, payment of ransom, regulatory fines and penalties, and more.
If you have any questions or would like to learn more about Seward & Kissel’s Cybersecurity services, please contact Valentino Vasi (firstname.lastname@example.org), Andrew Jacobson (email@example.com) or your primary Seward & Kissel attorney.
Seward & Kissel has established a COVID-19 Resource Center on our web site to access all relevant alerts that we distribute.