With what seems like all of our attention focused on COVID-19, there is, unfortunately, an elevated threat of cyber-related phishing, scams and misinformation campaigns going on nationwide. The FBI is also warning of teleconferencing and online classroom hijacking (also called “Zoom-bombing”), when conferences using Zoom software are being disrupted by pornographic and/or hate images and threatening language.
5NINES takes the risk of cyber-attacks very seriously, which is why we have remain vigilant and have continuous defenses in place to protect our applications, and data, networks as well as an alert system to notify us of cyber incidents. We are also connected to the Wisconsin Statewide Intelligence Center, Federal Bureau of Investigation, Department of Homeland Security, Secret Service, and other organizations, which share information on recent threats.
While we have protection in place, there is never a defense that is completely secure. As a result, we would like to remind all our customers and partners that if you see something, say something. Aside from staying in place, another thing you can do is be vigilant. Anything out of the ordinary should be reported to your respective Help Desk or 5NINES as soon as possible. Our first line of defense is our own awareness.
How can you assist in your company’s cybersecurity efforts?
- If you see something, say something!
- Do not click on links or attachments from senders that you do not recognize.
- Do not provide sensitive personal information (like usernames and passwords) over email.
- Watch for email senders that use suspicious or misleading email names.
- Inspect URLs carefully to make sure they’re legitimate and not imposter sites.
- Do not try to open any shared document that you’re not expecting to receive.
- If the email appears to be from someone you know but is asking you for something that is not normal, confirm it via a phone number you have or in person.
- If you can’t tell if an email is legitimate or not, please speak (or by phone) directly with the sender to verify the email
- Established a policy that requires internal controls for approvals of financial requests
- Create strong passwords for your accounts. It’s simple – the longer and more complex your password, the more difficult it is to crack.
- In regard to Zoom meetings, do not make meetings or classrooms public. There are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests. (Read more here – link to only article)
- Lastly, ensure that your organization’s telework policy or guide addresses requirements for physical and information security.
More specific to the current situation related to disinformation campaigns, it is important to be skeptical about social media and rely on official sources such as the Center for Disease Control (CDC) or the Wisconsin Dept, of Health Services for facts.
In addition, 5NINES offers several services that provide employee training, If you have any questions, please contact us at firstname.lastname@example.org.