CYBER DEFENSE GUIDE
GUIDELINES FOR THE DESIGN, PLANNING, IMPLEMENTATION AND DEVELOPMENT OF A MILITARY CYBER DEFENSE
There are numerous possible measures aimed at managing third parties, mainly hiring and technical. The ISO 28000 standard is a good reference to identify suitable measures for the organization.
600.
During the assessment phase, compliance and effectiveness of the measures must be assessed and fed back to the entire cycle in order to gradually improve the action plan and align it with the organization’s strategic objectives.
Cyber risks in pandemics
601.
A global pandemic declaration by the World Health Organization (WHO) results in measures taken by governments of affected nations that carry additional cybersecurity risks.
602.
People residing in territories affected by a pandemic focus all their attention on health prevention and relax their individual cybersecurity responsibilities, taking for granted any communication, message, email or link they receive in relation to the pandemic without carrying out any type of verification. Cyber criminals notice this individual relaxation and consequently escalate their criminal activity.
603.
During pandemic situations, information is oversaturated, making it difficult for users to assimilate and filter it. Also, information oversaturation can lead to network collapse.
604.
Pandemic situations may require the population’s confinement, and one outcome is hyperactivity on social media sites that, together with the loosening of individual cybersecurity measures, generates a pull factor for cybercrime in social media environments.
605.
One of the great problems of modern societies is disinformation (hoaxes, fake news, influence). During pandemic situations, information oversaturation predominates, any information that seems to come from an official source tends to be considered reliable, and hyperactivity in social networks thrives. All these factors create the ideal conditions for fake news to spread easily and quickly.
606.
Many countries affected by a pandemic take measures to contain the spread of the virus that require the cessation of nonessential activities and the confinement of nonessential workers at home. This leads many companies and organizations to promote telecommuting and, to this end, to create remote accesses to their information and control systems without due planning or preparation, and without taking into account the cybersecurity risks entailed.
607.
Telecommuting carries cyber risks that must be carefully studied and reconciled with potential operational benefits. The risk is as high for small companies, usually unprepared to institute secure remote accesses, as it is for large organizations or corporations with very robust cybersecurity systems that are constantly being watched by competitors or adversaries looking for vulnerabilities that would grant them access. Remote accesses are surely one of the main penetration routes that criminals will endeavor to attack.
608.
An example of an attack via remote access to a large business was the 2011 cyberattack against Lockheed Martin Corporation, a defense company, where cyber attackers exploited the VPN access system, which was used by employees to log in remotely using secure access mechanisms (RSA SecurID hardware tokens).
609.
In confinement situations, in most cases, IT system security administrators will be considered nonessential and will be forced not to carry out their duties onsite and to perform their work from home, using remote accesses, thus weakening cybersecurity at all levels.