The Centers for Disease Control and Prevention (CDC) reports that it is "responding to an outbreak of respiratory disease caused by a novel (new) coronavirus that was first detected in China and which has now been detected in 60 locations internationally, including in the United States." While early steps are being taken to protect health and mitigate the spread of disease, cybercriminals have already taken advantage of public anxiety. A Washington State agency reports a phishing campaign in which the cybercriminals impersonate the CDC, "warning of new infections and promising to provide a list of active infections in the surrounding area if users click on a link." Clicking the link leads to the download of malware, with potential compromise of the device and associated workplace systems. The agency suggests that employers remind staff of anti-phishing protocols. These include exercising caution before opening emails from unknown parties, confirming the identity of senders via phone and not opening unexpected links or attachments.
Regardless of how COVID-19 progresses, companies should consider similar, common-sense measures to strengthen their cybersecurity preparedness for potential disruption. For example:
- if it is likely that employees will choose to work from home, reinforce applicable policies, procedures and training about home offices, protecting devices, encrypting data at rest, maintaining clear desk policies, etc.
- if executives will be out of the office, reinforce anti-spear phishing training with IT staff and others with access to sensitive company information
- use the occasion to update alternative contact information in data security breach response plans and other crisis communications plans
- for those same plans, develop redundancies in case one or more key team members are out sick and unable to contribute – identify a flex squad
- consider making planned patches and upgrades now, before any potential disruption to workforce or supply chain
- look to complete any agreements needed for cybersecurity purposes on the same prompt schedule
By taking these steps to protect technology, companies may reduce the risk of loss that might otherwise accompany temporary disruptions such as the one COVID-19 may prove to be.