Cyber

CISA: Stay alert, implement good cyber-hygiene to reduce threats when teleworking

A new alert from the Cybersecurity and Infrastructure Security Agency focuses on how to protect VPNs, which many workers use to connect to their organizations' networks remotely.

By Jackson Barnett

March 13, 2020

(Getty Images)

Attackers will have additional opportunities to break into networks in the coming weeks as more U.S. workers log on from home as the country responds to the COVID-19 outbreak, warns the Cybersecurity and Infrastructure Security Agency (CISA) in an alert Friday to the public.

Any organization that uses virtual private networks (VPNs), including agencies at all levels of government, should remember basic cyber-hygiene procedures such as updating and patching networks, staying alert to phishing attempts and using multi-factor authentication when possible. For organizations without multiple-factor authentication, CISA recommends at least using strong passwords.

“As organizations use VPNs for telework, more vulnerabilities are being found and targeted by malicious cyber actors,” the agency said in its alert. For IT professionals, CISA points to a July 2016 guide to telework security from the National Institute of Standards and Technology.

As the novel coronavirus spreads, it has brought with it a spike in phishing and other malicious attacks using fear of the virus as part of their attempts to breach networks.

There are tools that federal agencies are permitted to use, such as Google G Suite, Slack, Cisco and Zoom. The platforms have all been FedRAMP authorized to some degree, and many agencies are already paying for them.

CISA: Stay alert, implement good cyber-hygiene to reduce threats when teleworking

More Like This

ICE pursuing privacy approvals related to controversial phone location data

House Modernization panel advances bill to improve CRS’s data access in first-ever markup

How Google Cloud AI and Assured Workloads can enhance public sector security, compliance and service delivery at scale

Top Stories

Congressional panel outlines five guardrails for AI use in House

With 2023 tax season in the rearview, IRS commissioner eyes expansion of AI capabilities

Federal CIO calls on Congress to fund Technology Modernization Fund

CMS’s financial office is using LLM pilot to combat loss of institutional knowledge

Top public sector takeaways from Google Cloud Next 2024

Commerce requests information about AI, open data assets, data dissemination

Commerce adds five members to AI Safety Institute leadership

Kiran Ahuja to step down as OPM director

More Scoops

CISA, OMB release secure software development attestation form

Federal Highway Administration wants feedback on proposal to use cyber tool

CISA establishing new office focused on zero trust

Federal IT officials call on CISA for tougher standards, more coordination

CISA releases new guidance on boosting open source software security

Stumbling blocks abound in federal push to stronger identity and access management, CISA and NSA panel finds

Federal cyber contractor IronNet, founded by Keith Alexander, considering bankruptcy, will furlough workers

Latest Podcasts

CISA: Stay alert, implement good cyber-hygiene to reduce threats when teleworking

Darryl Peek on Elastic’s role in enhancing public sector search and data analytics with AI and Google collaboration

Danny Werfel on How Automation has Enhanced his Agency’s Operations.

ManTech leaders discuss innovation and security with Google technologies

Tech

Defense

Cyber

Acquisition