With the lack of a nationwide mask mandate, many experts in both finance and healthcare are saying that many states may have no choice but to reinstitute lockdowns. This has already happened in California and New Mexico according to clients I work with in those areas. Unfortunately, Governor Sununu does not appear to have the will to implement a mandate state wide, like some of neighboring states have. The next few weeks will be critical in determining whether New England will be able to come through the summer tourist season without reversing our current trends.
In light of this and the reality that the majority of the nation is experiencing an increase in Coronavirus spread, I am recommending that all businesses re-examine their experience in coming through the initial lockdown that began in earnest in March. What lessons have you learned? What worked well and what did not? Most importantly, examine your cybersecurity protocols as the threats we now face are at unprecedented levels.
This past week has been quite a week as it relates to cybersecurity threats. It’s been suspected for months and confirmed this week, that foreign state actors, most notably China and now Russia, are actively hacking organizations involved in coronavirus vaccine research, production and trials. Presumably, this is taking place in an attempt to steal data in order to get control of any vaccine and control its release. Frankly, if that’s true, it’s disgusting. This virus is a common threat to all of humanity. We should be working together.
This week has also seen a significant hack on Twitter and a major vulnerability in Microsoft’s DNS, Domain Name Server that prompted an emergency alert from the Cybersecurity & Infrastructure Security Agency (CISA). CISA urged the immediate application of a security update to address the vulnerability that would allow a hacker to take control of at-risk systems. This issue impacts any Windows Server with the DNS role enabled.
The Twitter hack impacted several high-profile accounts. Some have deemed it an “epic” hack. The hack was perpetrated by hackers who tricked a Twitter employee to divulge credentials allowing the hacker access to internal administrative controls that allowed the hacker to send out tweets under the accounts of public figures. The tweets directed people to a bitcoin scam.
I share all of this to make the point that no company is immune to cyberthreats and the motivation for these threats varies. If we are forced into a new lockdown, can you pivot your business to a fully remote model quickly and securely? My emphasis is on securely more than anything. Hackers are absolutely taking advantage of the number of employees working remotely. Many are doing so insecurely. It’s critically important, now more than ever, to be sure your remote users are working securely and not inadvertently putting your business at risk. Every remote user should be secured with multi-factor authentication at a minimum, but businesses also need to be that their remote users are working on a secured segment of their home network, that is not comingled with the rest of their family or roommates. Talk to your IT team or IT partner to be sure you have a secure model for your team to work remotely, whether they are presently, did in the past or may need to in the future.
Please don’t take these risks lightly. Our economy depends on it.
MJ Shoer is an IT consultant based in Portsmouth, NH. He provides coaching and content development, partner program and technology stack management, Office 365 optimization, realistic cybersecurity and virtual CTO services to his clients. He maintains a blog about IT at www.mjshoer.com/blog and may be reached at firstname.lastname@example.org.