COVID-19 Resource Center: Latest News and Insights on the Novel Coronavirus and Cybersecurity Response

The COVID-19 pandemic has changed how we all live and work, creating the largest remote workforce in history. Never have topics such as identity and access management, device security and business resiliency been more critical. Use this COVID-19 Resource Center for the latest updates and opinions on the virus, its influence on the threat landscape and how global organisations can improve response.

GOP Proposal: $53 Million for COVID-19 Research Security

Chinmay Rautmare • July 29, 2020

As part of their latest COVID-19 economic relief legislation unveiled this week, Senate Republicans are proposing to allocate about $53 million to the U.S. Cybersecurity and Infrastructure Security Agency to help combat hackers targeting virus vaccine research.

Governance & Risk Management

US, UK, Canada: Russian Hackers Targeting COVID-19 Research

Latest

Fraud Management & Cybercrime

FBI: COVID-19-Themed Phishing Spreads Netwalker Ransomware

Prajeet Nair • July 31, 2020

The FBI is warning that attacks using a ransomware variant called Netwalker have increased since June, targeting government organizations, educational entities, healthcare firms and private companies in the U.S. and elsewhere. Phishing campaigns spreading the malware are using COVID-19 themes as a lure.

Governance & Risk Management

ONC's Donald Rucker: More Work to Do on Health Data Privacy

Marianne Kolbasuk McGee • July 30, 2020

In an exclusive, wide-ranging video interview, Don Rucker, M.D., HHS national coordinator for health IT, discusses why more work needs to be done to protect the privacy of health data as well as why the U.S. needs to ramp up secure health information exchange among clinicians.

Governance & Risk Management

VPN Vulnerabilities Put Industrial Control Systems at Risk

Prajeet Nair • July 30, 2020

Vulnerabilities in some VPNs used to remotely connect to industrial control systems could enable hackers to compromise large-scale industrial organizations, the security firm Claroty reports.

Governance & Risk Management

Building a Resilient Workforce

Anna Delaney • July 28, 2020

Rachael Stephens, program director at the National Governors Association, discusses a new report offering insights into ways that governors and state policymakers can nurture a resilient workforce amid technological disruption that's exacerbated by the COVID-19 pandemic.

Fraud Management & Cybercrime

The Celebrity Twitter Hack: What Happened?

Nick Holland • July 24, 2020

The latest edition of the ISMG Security Report analyzes the hacking of high-profile Twitter accounts. Also featured: Addressing security when offices reopen; the role of personal protective equipment, or PPE, in money laundering during the pandemic.

Governance & Risk Management

Back to the Office: Managing the Risks

Anna Delaney • July 22, 2020

As organizations that shifted to a remote workforce consider allowing some workers to return to the office environment, CISOs must reassess their security infrastructures, says Chris Kubic of Fidelis Cybersecurity, who formerly was CISO at the National Security Agency.

Governance & Risk Management

CISO Notebook: Putting Frameworks Around Risk

Tom Field • July 21, 2020

Dallas County, one of the 10 largest counties in the U.S., was accustomed to an entirely on-premises workforce. Then came the pandemic. The Texas county's CISO, Michael Anderson, tells how he planned for business resiliency - and why he owes it all to frameworks.

Fraud Management & Cybercrime

Cybersecurity Leadership: What We've Learned From COVID-19

Tom Field • July 17, 2020

What are the biggest leadership lessons from the COVID-19 pandemic? And what will CEOs and CISOs look back on and say, "Why did we ever do things that way?" Those questions were posed to a panel of cybersecurity leaders, and here are their candid answers.

Endpoint Security

Yet Again, Vulnerabilities Found in a Router

Jeremy Kirk • July 14, 2020

It's common for security researchers to be ignored when reporting a software vulnerability. The latest example - vulnerabilities found by Independent Security Evaluators in a router made by China-based Tenda.

Fraud Management & Cybercrime

US Secret Service Forms Cyber Fraud Task Force

Akshaya Asokan • July 11, 2020

The U.S. Secret Service is combining its electronic and financial crime units into a single task force that will focus on investigating cyber-related financial crimes, such as BEC schemes and ransomware attacks. The move comes as lawmakers push for the Secret Service to take a more active role in fighting cybercrime.

Fraud Management & Cybercrime

Zoom-Themed Phishing Campaign Targets Office 365 Credentials

Prajeet Nair • July 10, 2020

A recently uncovered phishing campaign is using spoofed Zoom account alerts to steal Microsoft Office 365 credentials, according to a report from Abnormal Security. These attacks come as use of the platform soars due to work-from-home arrangements.

Endpoint Security

Analysis: Monitoring the Risks Posed by Remote Workers

Nick Holland • July 10, 2020

The latest edition of the ISMG Security Report analyzes the surge in the use of employee monitoring tools for the increasingly remote workforce. Also featured: Discussions about IoT security guidelines and CCPA compliance requirements.