Protecting Remote Workers
Chris Goettl and Phil Richards
March 26, 2020
Agenda Items
• Coronavirus Social Engineering
• Threat Actors Call a Truce?
• Tabletop Exercises You Can Use
FBI Warns of Phishing Scams
Situation
The FBI has issued a PSA, warning organizations and users about the potential for phishing campaigns taking advantage of those seeking information on the spread of COVID-19. Some of the emails appear as though they’re from the CDC. Others ask for your information in order to get a stimulus check or have attractive offers for medical supplies.
Analysis
• Exploit Type: Ransomware
• Exposure: ??? Unknown
• Impact: Passwords, other data stolen
• Attack Vectors: Phishing, Social Engineering
Recommendations
• Phishing Education
• Backup / File Restoration Plan
• Patching
• Continuous Vulnerability Management
COVID-19 Phishing Scams
• Phishing campaign pushing Netwalker/Mailto ransomware
• Using attachment “CORONAVIRUS_COVID-19.vbs”
• Embedded executable, obfuscated for extraction and launch
• Victims get a TXT file ransom instructing payment on a Tor site
• A public health district and an Australian logistics company have fallen victim
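The script attachment named on this slide is a file type a mail gateway can reject before it reaches a remote worker. The following Python is an added example, not part of the presentation; the blocked-extension list, the function names and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumption: script and executable types a gateway rejects outright.
BLOCKED_EXTENSIONS = {
    ".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh", ".hta",
    ".ps1", ".bat", ".cmd", ".scr", ".exe",
}


def blocked_extension(filename):
    """Return the blocked final extension of filename, or None."""
    # Windows ignores trailing dots and spaces, so strip them before matching.
    name = filename.strip().rstrip(". ").lower()
    dot = name.rfind(".")
    ext = name[dot:] if dot != -1 else ""
    return ext if ext in BLOCKED_EXTENSIONS else None


def scan_message(raw):
    """Return (attachment name, reason) findings for one raw e-mail message."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue  # body parts and multipart containers carry no filename
        if blocked_extension(name):
            findings.append((name, "blocked extension"))
            continue
        payload = part.get_payload(decode=True) or b""
        # Look one level into zip archives so a wrapped script is still caught.
        if zipfile.is_zipfile(io.BytesIO(payload)):
            with zipfile.ZipFile(io.BytesIO(payload)) as zf:
                for member in zf.namelist():
                    if blocked_extension(member):
                        findings.append((f"{name}!{member}", "blocked extension inside zip"))
    return findings


def build_sample():
    """Constructed sample message; attachment bodies are harmless placeholders."""
    msg = EmailMessage()
    msg["From"] = "alerts@example.test"
    msg["To"] = "user@example.test"
    msg["Subject"] = "Coronavirus update"
    msg.set_content("See attached.")
    msg.add_attachment(b"' constructed placeholder\r\n", maintype="application",
                       subtype="octet-stream", filename="CORONAVIRUS_COVID-19.vbs")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("report.pdf.VBS", "' constructed placeholder")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="guidance.zip")
    msg.add_attachment(b"%PDF-1.4 constructed", maintype="application",
                       subtype="pdf", filename="policy.pdf")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, reason in scan_message(build_sample()):
        print(f"{name}: {reason}")
```

Matching on the final extension catches double-extension names such as `report.pdf.VBS`; archives nested more than one level deep or protected with a password need separate handling.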
Coronavirus Malware Kits
• Threat actors utilized a legitimate map from Johns Hopkins in a Java-based malware scheme
• Selling the kit for $200 or $700 with the seller’s certificate
• Users think the PreLoader is the map
• Malware designed to steal passwords
• Additional maps were found with AZORult malware
Threat Actors with a heart of gold?
• BleepingComputer reached out to ransomware threat actors to ask if they will continue activities against healthcare during the pandemic
• Some avoid healthcare or critical response services like 911 by default
• Some say they will attempt to avoid healthcare services until the pandemic has ended
• Some are saying "If someone is encrypted, then he must pay for the decryption." regardless of type or company or service
Other Active Threats
• TrickBot trojan slipping detection by using text from Coronavirus articles
• An actual ransomware called “CoronaVirus”
• Email extortion campaign promising to infect your family with Coronavirus
Business Contingency and Disaster Recovery
5 Steps to Keeping Remote Workers Secure
1. Your network has just expanded with new devices and networks. You need to track and manage these new assets and networks.
Recommendations:
• Remote asset discovery
• Track asset performance
2. Train and enforce good security hygiene. Threat actors have been working from home for forever. Your team hasn’t. An end user’s home is now the easiest way into your network.
Recommendations:
• Additional employee training
• Put acceptable use plans in place, yes, even at home on personal devices
• Advise users to be smart about the sites they’re visiting
• Keep systems up to date
3. Configuration management. VPN is your first line of defense. Pay extra attention to GPO policies, configuration settings, and controlling the systems attached to your network.
Recommendations:
• Configure VPN for allowed devices only
• Not a good idea to have EVERYONE on your VPN
• Make sure customers have the right security structure before joining your network
4. Patching is critical now more than ever. It’s possible that you’ll need to patch non-corporate owned devices.
Recommendations:
• Ivanti patching solutions (yes, we’re bragging)
• Best in class remote patch management
5. AV is a must on all your remote systems. Ivanti utilizes Crowdstrike’s AV/AM. We did a global rollout to 1700+ devices and only one person noticed.
Recommendations:
• Make rollout a “non-event”
Q&A
Get the latest updates at: ivanti.com/ThreatThursday
Thank You!

Ivanti Threat Thursday - 5 Things to Consider For a Remote Workforce


Editor's Notes

  1. https://www.bleepingcomputer.com/news/security/netwalker-ransomware-infecting-users-via-coronavirus-phishing/
  2. https://www.bleepingcomputer.com/news/security/netwalker-ransomware-infecting-users-via-coronavirus-phishing/
  3. https://krebsonsecurity.com/2020/03/live-coronavirus-map-used-to-spread-malware/
  4. https://www.bleepingcomputer.com/news/security/ransomware-gangs-to-stop-attacking-health-orgs-during-pandemic/?utm_content=buffercfe21&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer
  5. https://www.bleepingcomputer.com/news/security/netwalker-ransomware-infecting-users-via-coronavirus-phishing/