Pub. 10 2020-2021 Issue 1

OVER A CENTURY: BUILDING BETTER BANKS — HELPING COLORADANS REALIZE DREAMS
July • August 2020

Six Ways to Protect Your Institution From Coronavirus-Related Cybersecurity Threats

BY STEVE SANDERS, CSI, vice president of Internal Audit

During events such as the COVID-19, or Coronavirus, pandemic, there is often an increase in criminal activity online. Preying on fear and panic, cybercriminals are now sending various scams related to COVID-19 and taking advantage of increasing vulnerabilities resulting from unusual working situations. It is critical that you and your institution’s employees exercise caution during this time.

Coronavirus Cybersecurity Threats

Fraudsters are using a variety of tactics in efforts to scam businesses and individuals, and your institution must maintain a heightened sense of awareness. Fraudsters are registering malicious websites at breakneck speed, many including the word “corona,” and these are used to distribute malware to the devices of unsuspecting visitors. Scammers are using spam emails containing conspiracy language or offering the opportunity to purchase high-demand goods, including masks, cleaning supplies, etc.

Additionally, cybercriminals are sending phishing emails that appear to come from familiar organizations but contain malicious phishing links or dangerous attachments. Be especially wary of emails claiming to have “new” or “updated” lists of COVID-19 cases in your area, as these emails can contain dangerous links. The attachments to these emails often include malware that, when installed, allows the attacker to install additional malware on the compromised machine, including ransomware, keyloggers and credential-stealing malware.

These spam and phishing schemes are particularly effective right now, as we are craving the latest information on Coronavirus. Criminals take advantage of psychological principles, especially in times like this, to coerce us to do things we might not do in normal circumstances.

Increase Caution While Working from Home

A business email compromise is still a high risk, and criminals are looking for every opportunity to legitimize their presence in organizations further. During any disaster, criminals well know that normal operating procedures are not in place, and this pandemic has exacerbated that fact with the number of people working from home. Employees may be susceptible to more fraud with these emergency procedures in place.

With many employees working from home, standard software and operating system update procedures may not work as planned. Cybercriminals are keenly aware of this vulnerability, and they are prepared to take advantage of any security weakness that becomes available.

Ensuring your institution has secure internet and virtual private network (VPN) access is crucial, especially when employees are working remotely. While malware updates should continue as normal when employees are working from home, internet filters and security devices may not offer the same security when employees aren’t utilizing VPN.

For protection against these cybersecurity threats, financial institutions should identify network vulnerabilities using penetration testing tools. By testing your security infrastructure against real-world tactics used by cybercriminals to exploit your network, your organization can strengthen its security and compliance.

How to Protect Your Institution

You must continue to exercise caution throughout this developing situation. Stress and unusual circumstances can cause us to be more susceptible to social engineering scams. Protect yourself and your institution’s employees with frequent reminders, including the following:

• Never click on links or open attachments from an email you weren’t expecting.
• If you receive a suspicious email that appears to come from an official organization, such as the FDIC or FTC, report the email to your security team to double-check.
• If you want to make a charitable donation, go directly to the charity’s website to submit your payment. Type the charity’s web address into your browser instead of clicking on links in emails or other messages.

In addition to reminding your employees to exercise increased caution, protect your institution further by:

• Reiterating acceptable use policies, and possibly utilizing local agents on machines to enforce web and content filtering.
• Increasing diligence to ensure all security updates are applied.
• Ensuring any tools used for remote access, including VPN, are updated every time security updates are available.

As we continue adapting to the Coronavirus situation, financial institutions and their employees must remain vigilant against cybersecurity threats. Contact CSI for more information about how we can help keep your organization one step ahead.

Steve Sanders is vice president of Internal Audit for CSI. In his role, he oversees the evaluation and mitigation of risks associated with IT, financial and operational systems. Steve is a CISA, CRISC, CRMA and CTGA, and he regularly speaks on information security, cybersecurity, IT and IT audit topics.
