COVID-19: Useful Cybersecurity Resources
New Zealand’s National Cyber Security Centre (NCSC) is encouraging organisations to maintain a high level of cyber security resilience and awareness during the national response to COVID-19. Cyber actors are likely to exploit public concern around COVID-19, and all organisations should ensure they have robust cybersecurity measures in place.
On this page we’ve compiled a list of resources produced by our partner agencies and other trusted organisations to help address cybersecurity challenges that are likely to emerge as more people work from home. We intend to regularly update this page as further information becomes available.
Update for April 6th, 2020
- The FBI has issued a summary of recent cyber crime activity related to COVID-19 and provided cybersecurity advice for remote workers and the education sector.
Update for March 27th, 2020
- The Australian Cyber Security Centre (ACSC) has written a useful overview of malicious cyber activity being observed during the COVID-19 crisis, including real-world examples of phishing emails and working-from-home scams.
Updates for March 20th to 26th, 2020
- New Zealand’s Computer Emergency Response Team (CERT) has issued an advisory detailing reports of attackers using COVID-19 themed scams. Further COVID-19 guidance from CERT can be viewed here.
- The ACSC has produced a helpful guide to detecting socially engineered messages.
- The UK’s National Cyber Security Centre has released advice to help people identify and deal with suspicious emails.
- Also from the UK’s NCSC is guidance for organisations on choosing and purchasing mobile devices for end users.
- Criminals are using the names of legitimate entities such as the World Health Organisation (WHO) or the U.S. Centres for Disease Control and Prevention (CDC) in attempts to obtain personal information or funds. Read the warning issued by the WHO for further information.
- The United States Cybersecurity and Infrastructure Security Agency (CISA) has issued recommendations for improving enterprise Virtual Private Network (VPN) resilience. Also from CISA is advice on risk management for COVID-19.
- And finally, we suggest reading our own guidance on helping organisations and staff stay secure while working remotely.