Review Article

Cybersecurity and Countermeasures at the Time of Pandemic

Table 3

Cybersecurity attacks and the countermeasure techniques.

Cybersecurity attack | Countermeasure techniques

(1) Remote access infrastructure attacks
(i) Strengthen your home network using a firewall, IDS, and IPS.
(2) Different technologies
(i) Prepare new technologies, support team, and hotlines for employees to be able to ask for help.
(ii) Test the features of the new technologies and application programs and ensure that they work as described.
(3) Using personal devices
(i) Only download mobile applications and software from trusted sources.
(ii) Regular scans are required on personal devices and computers.
(iii) Backup all your important information regularly.
(4) Unauthorized access
(i) Use strong passwords.
(ii) Update passwords periodically.
(iii) Make sure that any administration vulnerabilities are mitigated.
(iv) Remove or disable any third party that is not needed anymore.
(5) Social engineering attacks
(i) If the used machine is working properly, you must contact the IT administrator/department.
(ii) If the bank details were provided, the bank authorities have to be notified.
(iii) If you think your account has already been hacked (you may have received messages sent from your account that you do not recognize, or you may have been locked out of your account), refer to service provider guidance on recovering a hacked account.
(iv) A full antivirus (AV) scan should be conducted to clean up any problems it finds.
(v) If the password was provided, it has to be changed immediately.
(6) Phishing attacks
(i) Handle SMS text messages related to COVID-19 carefully, whether the word “COVID-19” appears in the subject line, attachment, or hyperlink, and be cautious about COVID-19-related calls.
(ii) Before opening an email or SMS, consider who is sending it to you and what they are asking you to do. Calling the organization could be an appropriate way to verify the email or the SMS message.
(iii) Avoid contacting the phone number or replying to the email address that is stated in the message or that the message came from. It most likely belongs to a scammer.
(7) Distributed denial of service (DDoS) attack
(i) Use systems for intrusion detection (IDS) and intrusion protection (IPS).
(ii) Use good antivirus and antispyware protection on all Internet-connected devices.
(iii) Use file and folder hashes to identify system files and folders that have been compromised.
(iv) Reverse DNS lookup for source address verification.
(v) Applying filters on unnecessary traffic minimizes the DoS attack. Also, you can contact your ISP to filter closer to the source and reduce the bandwidth used by the attack.
(vi) Apply hardening practices on all computers, particularly servers and directory and resource servers exposed to the public.
(8) Ransomware attack
(i) Backup all of your important files and save them on an external drive (e.g., in the cloud) independently of your system.
(ii) Deactivate obsolete or third-party components that may be used as points of entry.
(iii) Download applications or any other software only from trusted platforms.
(iv) Do not click on emails that you do not expect to receive or that come from an unacquainted sender.
(v) As usual, notify the local police if you suspect that you are the victim of a crime.
(vi) Remote users might need to use software different from what they use in their offices (or use familiar apps in a different way). For these features, you should produce written guides and test that the software operates as described.
(9) Physical attacks
(i) Ensure that staff know what to expect if their computer is lost or stolen, such as who to talk to. Encourage users to record losses as early as possible.
(ii) Ensure data encryption at rest, securing computer data if damaged or compromised. Most modern computers are encrypted, but encryption will also need to be activated and installed.
(iii) Report odd activities such as looking through windows of closed shops or attempting to unlock doors.
(iv) Keep windows clear of merchandise, clear all cash from the premises, protect all doors and windows with strong locks, and ensure the alarms, surveillance cameras, and exterior lighting are in proper working order.
(v) Check companies frequently to ensure that no protective equipment is destroyed or removed.