Office Hours: Webroot and COVID-19 September 29, 2020

  • 29 September 2020
  • 8 replies
  • 87 views

Userlevel 7
Badge +48
  • Community and Advocacy Manager
  • 1644 replies

Hello Webroot Community, 

I wanted to create a space for us to come together and discuss Webroot and COVID-19.

Consider this our office hours. 

In case you might have missed it, we created a page here where we’ll keep a running list of articles, blog posts, and other pieces of content about our COVID-19 response.

If you have specific questions on what we’re doing as a company during the pandemic and our tips for how you can stay cyber resilient in these uncertain times. 

Please add your questions below or join us Tuesday, September 29, 2020, at 1:00 PM - 1:30 PM MT


This topic has been closed for comments

8 replies

Userlevel 7
Badge +48

Hey everyone, happy Tuesday. 

I hope your week is off to a great start. 

We’ve got a few more questions coming in this week that we’ll get to in just a second. 

Userlevel 7
Badge +48

What changes has Webroot implemented to help protect users more with the shift in working styles due to the pandemic? - Koby D. 

If we ever entered another pandemic what advice would you give to your former self? - Daniel C. 

What is the most common phishing scams that have arisen during the pandemic - David J.

What are the top three things that you recommend for the covered remote workspace issues - James W. 

Who are the primary targets for cyber attacks now that more users are working from home, vulnerable to attacks. What should be in place both at the workplace and the end user to hell connect securely to reduce chances of an attack? - Asad P.

Userlevel 6
Badge +14

What is the most common phishing scams that have arisen during the pandemic - David J.

 

This year is all about the pandemic and almost all the malspam phishing lures used by malware are based on COVID-19. The most common lures are around safe guidelines on how to protect yourself pretending to be from the CDC, WHO, NHO and White House asking you to download a word doc. We also saw fake pandemic stimulus lures and expect those to resurface if there is another stimulus approved. Once the word doc is downloaded from the attachment or link, it will ask the user to click the “enable content” button. This is what’s known as a macro, which if the user clicks on, will deliver the malware to their machine and is the scam that users should avoid at all costs. Macros are the most popular way criminals get victims to turn a word document into a malicious payload that can infect the entire network.

Userlevel 6
Badge +14

Who are the primary targets for cyber attacks now that more users are working from home, vulnerable to attacks. What should be in place both at the workplace and the end user to hell connect securely to reduce chances of an attack? - Asad Parker

 

Everyone is the target since 82% of malicious internet traffic is from malspam campaigns like emotet. But the juiciest targets have always been SMBs, Gov, Healthcare, Education sectors as those usually have the most amount of computers, but least amount of IT staff and IT budget which usually means lower quality protection and environment measures (stems from less budget). The biggest and most notorious issue is unsecured RDP. These organizations love using Microsoft RDP that has major gaping backdoor issues if you just turn it on and leave it on defaults - Criminals can just brute force the credentials.

 

Unsecured RDP might be the biggest fix an IT person can do. Make sure to use premium solutions that encrypt the traffic and have 2fa. If premium can’t be used and they’re told they have to use microsoft’s since it’s free, then restrict to whitelist IP range only and have anyone who wants to connect to those machines VPN into the corporate intranet and then they can connect. Making sure the entire workforce is set up to work remotely and securely is super important. Make sure they have corporate issued laptops with group policies and access controls and that data is encrypted at rest and in transit. If employees have to use personal devices, then they have to VPN to access anything from work network, unless they are using APIs embedded into web apps like outlook365 and microsoft teams through the web browser. 

Userlevel 6
Badge +14

If we ever entered another pandemic what advice would you give to your former self? - Daniel C. 

 

Sell your stocks and buy toilet paper, hand sanitizer, firearms early. Then sell the Toilet paper, hand sanitizer and firearms during peak pandemic, and then buy the stocks

Userlevel 4
Badge +2

What changes has Webroot implemented to help protect users more with the shift in working styles due to the pandemic? - Koby D. 

Whoa big question. It was less Webroot and more OpenText our parent company. Since January they have had Project Shield in operation looking at all aspects of ensuring we can work safely no matter where any of the 15,000 staff are located.  I think regular COVID-19 briefings (weekly at the beginning ) from our CEP Mark and his team helped explain their stance and approach.

  • They ensured both from a security and technology perspective we could work remotely.
  • They established clear policies and statuses around who could or couldn’t work in an office and whether that office was closed, partly open, open to 50%, etc
  • Our offices themselves are transformed by signage and meeting rooms either closed or limited usage etc.
  • Basically a ton of effort into keeping people informed and safe.
  • We were also allowed to collect and use office equipment as long as e had managerial approval i.e., chairs, screens etc.
  • They have introduced various services and initiatives to preserve mental and physical health.

Of course, this is still all ongoing and I think at first our management over-communicated and shared.

Userlevel 4
Badge +2

If we ever entered another pandemic what advice would you give to your former self? - Daniel C. 

That’s easy – buy lots of toilet paper! No just joking (well partly).

I sincerely hope this is the last one I’ll experience but I do think not to be too paranoid but stay calm.

Use common sense and questioning so you don’t blindly accept the advice of others – it will be complex.

Try to find trusted, factual sources on information not colored by government 

Be prepared to  fully isolate.

Have more friends and colleagues to talk to and use technology for communicating.

Consider others as well as yourself, help where you can.

In the end ‘no man is an island’ - that leads to madness

Userlevel 7
Badge +48

Thanks @GeorgeA and @TylerM for answering questions today! 

See everyone next week.