The world faces a challenge that is unprecedented in modern history, one that is testing humanity’s resilience from every possible perspective. The Americas are now dealing with a situation that Asia and part of Europe have been attempting to solve for weeks: practicing social distancing, school closures, cancellations of large group gatherings, voluntary or government-enforced quarantine, and more, in hopes of “flattening the curve”. Corporations are also quickly adapting, and many are learning to deal with the matter by encouraging telecommuting as much as possible.
Unsurprisingly, cybercriminals are taking advantage of the situation in more ways than one. The first is almost expected: leveraging coronavirus news to trick users into clicking or engaging, in hopes of compromising credentials or devices at large. In some cases, bad actors are benefiting greatly from the fact that strict security measures implemented on-premises become void when teams work remotely. The second area of opportunity is one that may be overlooked by many: the cybercriminal has always worked remotely. Your SOC may be understaffed. Your team may be juggling homeschooling and work duties. Unfortunately, it is business as usual for the bad guys.
I must say that I hesitated over writing this post. I wrote this because I want our clients and non-clients to remain vigilant and not let their guards down during this unique situation. Cybercriminals have not lost their sense of urgency, their motivation or their tools to carry on with their operations, and I am hoping that you don’t either. As an industry, I hope we can come together to not let them get further ahead and use the tools at our disposal to protect and defend our users and assets relentlessly and intentionally.
At Lumu, we are determined not to lose momentum. We have all of the tools and processes in place to allow our team to continue supporting existing customers to measure compromise in real time, through the outbreak and beyond. We feel that measuring compromise intentionally and continuously is a must. That’s the very reason why we created Lumu Free: to give all organizations the ability and the advantage of knowing when and how their enterprise assets are communicating with malicious infrastructure.
I firmly believe that arming security teams with the ability to strengthen their programs is absolutely critical. It could be a while from now, but this time will pass. You will want to make sure that when this is all over, your security plan has not only proven to be effective but is also in a better position than when this crisis started.