COVID-19 Disaster Security

By Troy Richardson, South-West Texas Border SBDC Network –

KEY POINTS

• As with most significant global events, cyber criminals will leverage the event against potential targets to advance or achieve a malicious goal. This is most often carried out through phishing attacks. The cyber criminals send emails claiming to be from organizations that a recipient might expect to hear from, considering the current event. For example, with the COVID-19 disease, the emails may appear to come from a government health organization such as the CDC or other health care authorities. Users should be aware of this tactic and utilize good cyber security hygiene to include:

o Understand a government organization will never ask for your personal information in an email!

o Check the email address of the sender; don’t rely on the name that is displayed, and inspect the elements of the email address, especially the domain information (after the @ sign).

o Inspect any web links before clicking on them, by hovering over the URL with your mouse cursor to see where it directs to.

o As with any possible phishing email, watch for grammatical and spelling mistakes, and delete any emails that appear suspicious.

o Also, avoid emails that utilize generic greetings or are trying to instill a sense of urgency for you to act.

o Don’t open any attachments from ANYONE unless you are expecting the attachment!

• Businesses should review, and where needed, update their Business Continuity of Operations Plans, to include backing up critical business data (local and off-site) and testing those backups to ensure you can recover using the backups.

• If you or your employees are able to work remotely, take the following into consideration:

o Ensure that your business has a current cyber security policy that includes remote working.

o Utilize a trusted VPN utility to connect to work resources when on any network outside the business.

o Plan for non-business owned devices to connect to your organization or process business information.

o Identify, test and utilize a collaboration tool that can be used among coworkers while working remotely.

o Don’t store sensitive business information in an insecure environment (home office, external unencrypted hard drive, open laptop, a public folder residing in the cloud, etc.)

o Identify who will provide IT support to remote workers and how to contact that IT support resource.


About the Author: Troy Richardson is a Business Development Specialist at the South-West Texas Border SBDC Network