News for the cybersecurity community during the COVID-19 emergency
At a glance.
- The pandemic and strategy.
- Healthcare organizations continue to be attacked at high rates.
- COVID-19-themed crime in general continues to exact a toll.
- Zoom struggles with security and reputational damage.
- Advice for secure telework.
COVID-19's strategic implications are under consideration this week. Defense News reports that NATO's defense ministers are conferring today (by secure video teleconference, of course) to address the coronavirus pandemic's effects on the Atlantic Alliance. In the US, National Defense thinks that one of the strategic effects the virus is likely to have will be a delay in implementing the Cyberspace Solarium Commission's recommendations.
Why are healthcare and medical research organizations under attack during the pandemic? Willie Sutton would get it: that’s where the valuable data are. The Washington Post and others report that there's been no respite in ransomware and other attacks. There are few signs of underworld restraint:
The US Federal Trade Commission's update on COVID-19-themed complaints shows that losses to such fraud since the beginning of January total $13.44 million.
Zoom, shedding more users, offers security upgrades. Reuters reports that London-based Standard Chartered is the first major, global bank to tell its employees to stop using Zoom because of concerns about the platform's security. Zoom has begun to issue weekly security updates, the latest of which enhances the password options available to session organizers. Some of Zoom’s problems aren’t the company’s fault: Fast Company points out that exposed credentials traded on the black market come for the most part from successful credential stuffing.
The problems Zoom is undergoing suggest lessons for crisis management. A Help Net Security piece looks at the company's response and draws some general lessons on the topic.
And experts offer security advice for remote work. Most will be familiar to you, but it’s worth reviewing nonetheless.