NZ IT managers urged to revisit security following hasty lockdown changes

CERT NZ cites a rise in ransomware and RDP attacks during the COVID-19 pandemic, at a time when companies may have made changes that compromise security.

Application security  >  Software code + data protected with a lock

If they haven’t already, IT managers should be going back over all the changes they made at speed during the first COVID-19 lockdown to ensure the correct security protocols are in place. That’s the advice from CERT NZ, whose half-yearly report shows a spike in security incidents in April and May 2020.

CERT NZ recorded 3,102 incidents between 1 January and 30 June 2020 — a 42% increase on the same time period last year. Deputy director Declan Ingram says the move to lockdown occurred during a number of high-profile technical vulnerabilities in remote access solutions, further compounding the issue for IT managers and chief security officers.

“We also saw a lot of organisations that moved to open up RDP [Remote Desktop Protocol] and of course after that we’ve seen numerous ransomware campaigns targeting RDP,” he says. “So really our messaging around COVID, and the important thing for IT managers to do now, is to make sure that they go back over all of those changes that were made very, very quickly and make sure that all of the t’s were crossed and the i’s were dotted, in terms of the security governance associated with those changes. And to make sure they haven’t moved that risk profile of the organisation somewhere that’s going to get them into trouble.”

Dealing with the rise in ransomware

Ingram says that after the WannaCry ransomware attack, in which “the world scared itself with what could happen and how bad it could be”, ransomware threats dropped off for a while.

To continue reading this article register now

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon