COVID-19 executive cyber briefing

COVID-19 executive cyber briefing: 22 April 2020 | Data Privacy

This week we highlight a few of the issues and related cyber threats impacting consumers, non-profit organizations as well as healthcare organizations globally. The ongoing COVID-19 pandemic has amplified risk factors by increasing the volume of attacks that target user data and impact their privacy. In addition, the Research from Deloitte Cyber Threat Intelligence (CTI) indicates COVID-19 pandemic responses by healthcare providers and research institutes are hampered by cyber adversaries who are launching cyber-attacks around the globe targeted at critical health care infrastructure.

Did you know? Multiple COVID-19 related watering hole attacks were launched to steal information such as browser cookies, history, payment information, form autofill information and saved login credentials. A watering hole attack is a security exploit in which the attacker seeks to compromise a specific group of end users by infecting websites that members of the group are known to visit.

Questions on data privacy: As societies transition into the “next normal”, whenever their governments deem the timing right, traditional organizations have some tough decisions to make around how to bring employees and customers back into their businesses. Do they take temperatures, wait for antibody testing, do they ask for health disclosures? Whichever path they choose, there will be considerations to be made around data privacy. This issue provides questions organizations should be asking themselves on data privacy and protection to help start the conversations around creation or collection; analysis and use; storage and processing; sharing and transferring and retention and destruction.

COVID-19 executive cyber briefing: 15 April 2020 | Critical infrastructure

Deloitte is issuing weekly high-level briefs for organizational leadership that focus on some of the most current cyber threats and trends as identified by Deloitte Cyber Threat Intelligence (CTI), with near-term recommendations on managing cyber risks to Respond, Recover and Thrive through the COVID-19 global pandemic.

This week’s issue focuses on managing cyber in the remote workforce. Many organizations are relying on employees to use personal devices to access company systems and are vulnerable to cyber threats such as:

• Cybercriminals and advanced persistence threat (APT) groups are delivering a wide range of malware variants through unprotected devices and end points
• COVID-19 themed phishing schemes are wreaking havoc for organizations and employees
• Threats have targeted home routers and video and audio-conferencing tools, which are creating risk to intellectual property and proprietary conversations.

We encourage you to read the full brief on cyber risks and suggested top actions and we remain at your disposal should you wish to discuss further or share additional views around this topic.