skout-blog

Coronavirus Related Resources

Note: this is a living blog post. We will continue to update it with new resources.

**Updated March 31st

Stimulus Resources

SKOUT released a blog post outlining some of the Stimulus Package resources that MSPs can take advantage of. Most notably is the forgivable loan program.

Hackers Targeting Zoom Links

The SKOUT SOC released a threat advisory on hackers targeting zoom domains. Take extra precaution when installing zoom software.

Coronavirus Driven Malware

The SKOUT SOC released a report on Coronavirus Driven Malware. There has been an increase in cyber criminals weaponizing fears concerning the Coronavirus to deliver malware. Delivery of this malware is done largely through spam email campaigns where users receive emails with deceptive text and attached files (usually Microsoft Office files).

Phishing

There has been a rise in phishing campaigns related to Coronavirus. The campaigns vary in exact messaging, but many have imitated the World Health Organization or HR departments issuing warnings and work-from-home guidelines. SKOUT advises taking extra precaution to protect users from getting phished. Read our threat advisory on this topic here.

Hardware

Many MSPs are experiencing delays getting hardware, especially firewalls. We anticipate this increasing due to frozen aspects of the supply chain. A lot of computer related hardware is made in Asia. In addition to the supply chain disruption, the influx of companies allowing or encouraging work-from-home has created an increased demand for laptops. MSPs are advised to expect delays from their vendors and stock up as soon as possible to meet demand.

Domains

According to Check Point, Coronavirus domains are 50% more likely to be malicious than other domains. The number of registered domains is skyrocketing. We suspect this trend to continue in the near future.

Malware

Hackers are imitating Coronavirus related resources to spread malware and steal credentials. We have seen reports of Coronavirus-themed spam to spread Emotet.

Remote Connectivity

MSPs have reportedly been moving to hosted VoIP solutions to make it look like users are in their office with their cell phone. Other MSPs have been equipping their clients with VPN solutions.

Remote Software

Remote Worker Policy

Download a free PDF to share with your team. If you are a partner, we are happy to provide the source files to rebrand as your own.

  • IT Checklist
    • Enable Local encryption
    • Local admin accounts are known with strong passwords
    • Limit external sharing of Cloud applications (OneDrive, etc)
    • Enable MDM for remote wipe capabilities
    • Review and enable remote endpoint security tools that can be centrally reviewed and monitored (Cylance, Cisco Scansafe, etc)
    • Provide ability to securely exchange files and information externally and internally (i.e. shrefile.com, office-365 encryption option enabled, on-premises solution, etc)
    • Enable Multifactor Authentication for remote connectivity that expires after 4-8 hours of use
    • Review Incident Response procedure with all relevant parties
  • Employee Checklist
    • Secure workspace
      • Ability to lock laptop and any business relevant information when not in use
      • Safely perform conversations without visitors eavesdropping or shoulder surfing
    • Wireless Security
      • Change default Wifi Router passwords Enable WPA-2 or higher encryption; Strong WEP password at minimum
      • Ensure your local router firmware is updated
    • Personal Device security
      • Updated IOT Device firmware (Smart Thermostats, Surveillance cameras, etc)
      • Ensure default passwords are changed
      • Updated software on all devices within your home network (Corporate laptop, IOT devices such as cameras and Smart Thermostats, personal laptops/tablets, etc)
    • Review corporate policies and procedures
  • Awareness
    • Corporate vs Personal
      • Do not share your corporate laptop for use with family or friends.
      • All corporate activities must be performed on the device provided by the organization
    • Limit social media use
      • Don’t reveal business itineraries, corporate info, daily routines, etc

Remote Bandwidth

There are many different areas to investigate when evaluating your employees work-from-home bandwidth. Many employees with connect via VPN. If that is the case, MSPs should check their maximum simultaneous connections and their server bandwidth. Additionally, your users may experience a bottleneck due to their home bandwidth. Users can test their home internet speed at net. Consider defining a minimum acceptable speed for work-from-home users.

Microsoft has published guidelines to reduce VPN load for Office 365 services.

Trade Shows

Many channel and IT trade shows are being postposed, cancelled, or changed to digital. Keep up to date by following Joe Panettieri’s list on Channele2e.

Sanitizing a Computer

Many MSPs and their clients are cleaning and sanitizing their devices much more frequently. As a reminder, devices should always be turned off and disconnected before sanitizing with a disinfectant wipe. If using a spray, remind customers to spray the towel, not the computer. Further instructions can be found here and here.

Handshakes

It is becoming less appropriate to greet someone with a firm handshake. According to the New York Times, “the handshake is on hold.” OPEC ministers have taken to a humorous “foot tap”. Others have moved to a wave or bow. Whatever you decide, it is best to get out in front of this to not offend your business associates.

At this time you can still use the TCP protocol.

Webcams

It is best practice to cover your laptop webcam. This is recommended by the FBI and can be accomplished by covering it with a post-it note or something similar to this. Some covers can damage screens if they are placed directly on glass so be careful when recommending this to your clients and team.


We will continue to update this list of resources. If you have any additional questions, please contact our team.