COVID-19 Cybersecurity Resource Guide

Ingalls has consolidated relevant and helpful information to address security and privacy concerns surrounding the global COVID-19 outbreak. This guide features free and updated information on current scams, cyber threats, remote working, security awareness, and more. Ingalls will be working diligently to update this guide regularly as resources become available. We wish all of you safety and good fortune amid this hardship.

Our Commitment to YOU: https://blog.iinfosec.com/coronavirus-covid-19-message

Teleworking Best Practices

Current News (As of 13 May 2020)

Top 10 Routinely Exploited Vulnerabilities https://www.us-cert.gov/ncas/alerts/aa20-133a

COVID-19 cyber threats: Why data integrity is crucial & how to protect it. https://www.beckershospitalreview.com/cybersecurity/covid-19-cyber-threats-why-data-integrity-is-crucial-how-to-protect-it.html

New Materials Warn of Cyberthreats, Potential HIPAA Violations https://www.govinfosecurity.com/hhs-issues-security-privacy-guidance-for-covid-19-issues-a-14237

New COVID-19 Phishing Campaigns Target Zoom, Skype User Credentials: https://healthitsecurity.com/news/new-covid-19-phishing-campaigns-target-zoom-skype-user-credentials

NSA Shares Cybersecurity Guidance, Assessments for COVID-19 Telework: https://healthitsecurity.com/news/nsa-shares-cybersecurity-guidance-assessments-for-covid-19-telework

Cybersecurity and Infrastructure Security Agency (CISA)
Promoting Integrity and Security in Upcoming Elections. CISA continues to coordinate with government and industry partners to ensure upcoming elections are accessible and secure for voters: https://www.dhs.gov/news/2020/04/27/weekly-update-dhs-response-covid-19

Department of Justice Announces Disruption of Hundreds of Online COVID-19 Related Scams: https://www.justice.gov/opa/pr/department-justice-announces-disruption-hundreds-online-covid-19-related-scams

DHS Response to COVID-19: https://www.dhs.gov/news/2020/04/21/weekly-update-dhs-response-covid-19

COVID-19 Exploited by Malicious Cyber Actors: https://www.us-cert.gov/ncas/alerts/aa20-099a

CISA RELEASES VERSION 3.0 OF GUIDANCE ON ESSENTIAL CRITICAL INFRASTRUCTURE WORKERS DURING COVID-19: https://www.cisa.gov/news/2020/04/17/cisa-releases-version-30-guidance-essential-critical-infrastructure-workers-during

FBI releases guidance on defending against Zoom Bombing: https://www.us-cert.gov/ncas/current-activity/2020/04/02/fbi-releases-guidance-defending-against-vtc-hijacking-and-zoom

COVID-19 Exploited by Malicious Attackers: https://www.us-cert.gov/ncas/alerts/aa20-099a

COVID-19 Cybersecurity Wrap-Up https://thecyberwire.com/stories/db840c5c593447caac96480d20b0fe53/high-traffic-and-online-mischief-strain-systems

Q1 2020 COVID-19 Phishing Attacks Up 600% https://blog.knowbe4.com/q1-2020-coronavirus-related-phishing-email-attacks-are-up-600

Hackers have hit EVERY Country on Earth with Coronavirus Themed Cyberattacks https://blog.knowbe4.com/hackers-have-hit-every-country-on-earth-with-coronavirus-themed-cyberattacks

Working Remotely Security Tips 

Today's technology allows remote working; however, are your employees prepared with the necessary knowledge to keep themselves and your network safe? Check out these resources for more information.

Ingalls Working Remotely Securely: https://blog.iinfosec.com/keep-your-network-secure-while-working-remotely-during-covid-19?utm_campaign=COVID-19

KnowBe4 Webinar: https://info.knowbe4.com/webinar-improve-your-remote-employee-security

SANS Work From Home Deployment Toolkit: https://security-awareness.sans.org/sites/default/files/2020-03/01-SSA-WorkingFromHome-DeploymentGuide_1.pdf

SANS Securely Working From Home Factsheet: https://www.sans.org/security-awareness-training/fact-sheet

CISA Enterprise VPN Security: https://www.us-cert.gov/ncas/alerts/aa20-073a

Wanting to use Password Managers to make your life easier? Check out what SANS has to say about them. https://www.sans.org/security-awareness-training/resources/password-managers-0?utm_medium=Email&utm_source=Ouch&utm_content=Password+Managers&utm_campaign=STH+Ouch

Security Tips for Remote Workers: https://staysafeonline.org/resource/security-tips-for-remote-workers/

Security Awareness

Want to see what a Coronavirus phishing email looks like? Make sure your employees are trained on how to spot the Red Flags of a Phishing Email.

KnowBe4 Blog: https://blog.knowbe4.com/heads-upfeeding-frenzy-covid-19-phishing-attacks-surge-as-u.s.-reels-from-pandemic?

CISA Avoiding Social Engineering and Phishing Attacks: https://www.us-cert.gov/ncas/tips/ST04-014

FTC Scammers: https://www.consumer.ftc.gov/blog/2020/02/coronavirus-scammers-follow-headlines?utm_source=govdelivery;

Bleeping Computer: https://www.bleepingcomputer.com/news/security/fbi-warning-phishing-emails-push-fake-govt-stimulus-checks/

BAE COVID-19 Malicious Emails: https://info.ai.baesystems.com/rs/308-OXI-896/images/COVID-19-Infographic-Mar2020.pdf

COVID-19 Exploited by Malicious Cyber Actors. Watch for these Phishing Emails:https://www.us-cert.gov/ncas/alerts/aa20-099a

Cyber Threats and Scams

Think the cyber criminals are slowing down during this crisis? They are ruthlessly exploiting COVID-19 fears. Check out the latest threat intelligence reports.

Proofpoint Threat Intel Blog: https://www.proofpoint.com/us/corporate-blog/post/coronavirus-themed-attacks-target-global-shipping-concerns

FBI Warns how Cyber Attackers are taking advantage of virtual environments: https://www.ic3.gov/media/2020/200401.aspx

FBI Warns how Cyber Attackers conduct Business Email Compromise (BES) through Cloud-based Services: https://www.ic3.gov/media/2020/200406.aspx 

Checkpoint Research: https://research.checkpoint.com/2020/vicious-panda-the-covid-campaign/

Additional Resources

Here are a few of our favorite COVID-19 Resource Libraries. Enjoy!

FREE Complimentary KnowBe4 Resources https://www.knowbe4.com/coronavirus-security-awareness-resources

As the nation’s risk advisor, CISA brings industry partners and the federal government together to improve American cyber and infrastructure security. https://www.cisa.gov/coronavirus

NCSA COVID-19 Security Resource Library: https://staysafeonline.org/covid-19-security-resource-library/

Northeastern University's Global Resilience Institute: https://www.resilience-ed.org/

Internet Security when you work from home - FREE Training: https://www.knowbe4.com/work-from-home-course