COVID-19 Cyber Defense Services

Comprehensive risk assessment performed annually.
Cybersecurity assessment conducted quarterly to identify security vulnerabilities.
Perform pen test exercise on your mission critical assets and apps.
Development of incident response and disaster recovery plans.
Review and update of policies and procedures.
Evidence based program for active risk management.
Knowledge transfer throughout every engagement.
Align compliance program with NIST standards.
Implement a cyber defense strategy to achieve HITRUST CSF Certification.
Unconditional guarantee of your complete satisfaction!

COVID-19 Exploited by Malicious Cyber Actors

Advanced Persistent Threat (APT) groups and cybercriminals are targeting individuals, small and medium enterprises, and large organizations with COVID-19-related scams and phishing emails. Threats observed include:
- Phishing, using the subject of coronavirus or COVID-19 as a lure.
- Malware distribution, using coronavirus- or COVID-19- themed lures.
- Registration of new domain names containing wording related to coronavirus or COVID-19.
- Attacks against newly—and often rapidly—deployed remote access and teleworking infrastructure.
Malicious file attachments containing malware payloads may be named with coronavirus- or COVID-19-related themes, such as “President discusses budget savings due to coronavirus with Cabinet.rtf.”
A non-exhaustive list of Indicators of Compromise (IOC) related to this activity is provided within the accompanying .csv and .stix files of this alert.
Malicious messages can arrive by methods other than email. In addition to SMS, possible channels include WhatsApp and other messaging services. Malicious cyber actors are likely to continue using financial themes in their phishing campaigns. Specifically, it is likely that they will use new government aid packages responding to COVID-19 as themes in phishing campaigns.
Due to COVID-19, an increasing number of individuals and organizations are turning to communications platforms—such as Zoom and Microsoft Teams— for online meetings. In turn, malicious cyber actors are hijacking online meetings that are not secured with passwords or that use unpatched software.

COVID-19 Cyber Defense

Threat: Ransomware & Phishing

A new organization will fall victim to ransomware every 14 seconds in 2020, and every 11 seconds by 2021.
The top five ransomware variants targeting U.S. companies and individuals are CryptoWall, CTBLocker, TeslaCrypt, MSIL/Samas, and Locky.
An increase in phishing attacks. Attackers are using COVID-19 as bait to mislead employees and customers, resulting in more infected computers and phone.
Businesses and end-users are being targeted to download COVID-19 ransomware disguised as legitimate applications.

COVID-19 Cyber Defense

Credible Risk Assessment

COVID-19 Cyber Defense

Active Risk Management

Plans, Policies & Procedures

COVID-19 Cyber Defense

In the News

Connect with ecfirst at the Defense TechConnect Innovation Summit, Washington, DC, November 28, 2023

Events

Webinar—Beyond NIST, CMMC Certification: Fusion and Future, October 30, 2023

Thought Leadership

Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP), HITRUST Certified CSF Practitioner (CCSFP) is the chief executive of ecfirst, an Inc. 500 business. He is a highly regarded information security and regulatory compliance expert.

COVID-19 Cyber Defense Services

COVID-19 Exploited by Malicious Cyber Actors

COVID-19 Cyber Defense

Threat: Ransomware & Phishing

COVID-19 Cyber Defense

Credible Risk Assessment

COVID-19 Cyber Defense

Cybersecurity Assessment

COVID-19 Cyber Defense

Active Risk Management

Plans, Policies & Procedures

COVID-19 Cyber Defense

In the News

Events

Thought Leadership