Cybersecurity Practices for Virtual Teams

This article highlights a St. Louis federal court indicted 14 North Korean nationals for allegedly using false identities to secure remote IT jobs at U.S. companies and nonprofits. Working through DPRK-controlled firms in China and Russia, the suspects are accused of violating U.S. sanctions and committing crimes such as wire fraud, money laundering, and identity theft. Their actions involved masking their true nationalities and locations to gain unauthorized access and financial benefits. To prevent similar schemes from affecting you businesses, we recommend a multi-layered approach to security, recruitment, and compliance practices. Below are key measures: 1. Enhanced Recruitment and Background Verification - Identity Verification: Implement strict verification procedures, including checking legal identification and performing background and reference checks. Geolocation Monitoring: Use tools to verify candidates’ actual geographic locations. Require in-person interviews for critical roles. - Portfolio Validation: Request verifiable references and cross-check submitted credentials or work samples with previous employers. - Deepfake Detection Tools: Analyze video interviews for signs of deepfake manipulation, such as unnatural facial movements, mismatched audio-visual syncing, or artifacts in the video. - Vendor Assessments: Conduct due diligence on contractors, especially in IT services, to ensure they comply with sanctions and security requirements. 2. Cybersecurity and Fraud Prevention - Access Control: Limit access to sensitive data and systems based on job roles and implement zero-trust security principles. - Network Monitoring: Monitor for suspicious activity, such as access from IPs associated with VPNs or high-risk countries. - Two-Factor Authentication (2FA): Enforce 2FA for all employee accounts to secure logins and prevent unauthorized access. - Device Management: Require company-issued devices with endpoint protection for remote work to prevent external control. - AI and Behavioral Analytics: Monitor employee behavior for anomalies such as unusual working hours, repeated access to restricted data, or large data downloads. 3. Employee Training and Incident Response - Cybersecurity Awareness: Regularly train employees on recognizing phishing, social engineering, and fraud attempts, using simulations to enhance awareness of emerging threats like deepfakes. - Incident Management and Reporting: Develop a clear plan to handle cybersecurity or fraud incidents, including internal investigations and containment protocols. - Cross-Functional Drills and Communication: Conduct company-wide simulations to test response plans and promote a culture of security through leadership-driven initiatives. #Cybersecurity #HumanResources #Deepfake #Recruiting #InsiderThreats

Simplifying The Cybers™ Month - July 22 Say Hello to MATANBUCHUS! Hackers are now impersonating IT help desk staff and calling users directly through Microsoft Teams. Their goal? To convince you to download malware, specifically a strain called Matanbuchus. They use social engineering to make it sound like a legitimate support request. This is more than just phishing and click-dependent email, this is voice-based social engineering on platforms you trust. Here’s how to protect yourself and your team: 👉 Don’t let anyone remote into your device unless you’re 100% sure who they are. Verify their identity through a known internal contact or your company’s official help desk channel. 👉 Turn on multi-factor authentication (MFA) for all your communication platforms, including Teams and email. I KNOW, I say this ALL THE TIME. There is a reason - a large percentage of people and companies STILL don't use it appropriately. IMHO anyway! 👉 If something feels urgent or out of the ordinary, slow down. These criminal Social engineers create a false sense of urgency to bypass your judgment. If something seems off, trust your gut and escalate through the right channels. These kinds of attacks rely on familiarity. Teams feels safe because it’s internal. But bad actors are exploiting that trust. This is happening to companies of ALL sizes, don't think you are too small to be a target. If you’re in charge of cybersecurity awareness at your organization, this is the kind of example worth sharing in your next training session. Stay sharp and be Cyber Safe. Share/repost/comment - do the things, please. #CyberSecurity #SocialEngineering #SecurityAwareness #KnowledgeIsProtection #CyBUrSmart #MATANBUCHUS

Practice and train on the fundamentals - they are always relevant! We wrapped up our periodic internal Security Training this past week, and here are some of the takeaways I thought were interesting, as well as a friendly reminder to practice the basics of security hygiene - BOTH at home AND at work: 🔹 Phishing is the initial attack vector for 41% of all incidents (34 billion phishing emails sent daily) - you've probably noticed, AI is helping them become much more contextual, relevant, and effective. Keep this top of mind for your team! 🔑 In 2024, 86% of data breaches involved stolen credentials. Here are some Password Best Practices: 1. Do not reuse passwords: use a UNIQUE password EVERYWHERE 2. Use a password manager and keep personal passwords out of your company password manager 3. Always change the default passwords on devices (e.g. home router) 4. Enable MFA everywhere you can (a passkey is even better!) 🔥 CISA says MFA makes you 99% less likely to get hacked 🔥 5. Do not approve MFA requests that you did not initiate 💻 🏡 Remote Working Best Practices: 1. Always connect with secure mechanisms and only share data through approved channels 2. Secure Home WiFi (use WPA2/WPA3 encryption with a strong, unique password) 3. Segment your Home Network (keep IoT devices off your primary network; create separate segments for work, personal, IoT) 4. Clean Desk and Clear Screen Applies at Home  5. Travel Abroad? Get IT approval/support if you plan to work abroad; VPN must be utilized #InfoSec #cybersecurity

two years ago, I decided to make my team distributed. The results? Absolutely amazing, I got a 1.5x increase in productivity while cutting costs! However, I learned the hard way that having a global team means we need to be extra careful with our data security. 🏴☠️ It's not just about ticking boxes, it's about protecting our innovations and keeping our clients' trust. ♾️ ⬇️ Here are some simple steps that have made a big difference for us _ Encrypt Everything: We make sure all our data is encrypted, whether it's stored or being sent. _Limit Access: Only team members who need certain data can access it. _Use Secure Channels: We share code and data through encrypted apps and VPNs. _Protect Devices: Everyone keeps their devices updated with the latest security software. _Enable Two-Factor Authentication: Adds an extra layer of security when logging in. _Regular Security Checks: We routinely check for vulnerabilities and fix them quickly. _Secure Backups: We keep backups in a safe place so we don't lose anything important. _Team Training: Everyone on the team knows the basics of cybersecurity. _Stay Compliant: We keep up with data protection laws to stay on the right side of regulations. Making these changes wasn't always easy, but it was definitely worth it. 🙌 I'd love to know how you handle data security with your teams. Any tips or experiences you'd like to share? Let's learn from each other! 🗯️