The COVID-19 pandemic is making life unrecognizable for most of us and has presented a host of new, unique challenges for security teams. Suddenly, the digital transformation has gone into hyperdrive. Personnel, forced to work from home, have dispersed entire businesses and their operations, and moved the perimeters of their organization's digital attack surfaces with them.
Making things even harder for practitioners is a surge of attacks against people and businesses by criminals exploiting the global anxiety around the outbreak. These attacks are reprehensible, but, unfortunately, increasing in volume each day.
As a cybersecurity community, we need to work together, pool our resources, and enable one another to defend our organizations during this period of uncertainty and heightened danger. To do our part, RiskIQ is now offering the following to the community for no charge.
RiskIQ COVID-19 daily update Intelligence report from the i3 team
This intelligence will help inform the decisions of security teams, who face new requirements during these unprecedented times. With these reports, RiskIQ strives to provide the security community with a single source of factual reporting and informed analysis to help them discover unknowns about their environment and investigate threats. Each report combines major updates around COVID-19 and its impacts on cities, neighborhoods, schools, and businesses as well as other essential data that helps raise the situational awareness of both physical and cybersecurity teams.
Infrastructure observations and 30-day PT access
Criminals have always found success using disasters and global epidemics in cyberattacks, and COVID-19 is no different. Our global telemetry is showing us a spike in threat infrastructure related to the pandemic that attackers are using to social engineer victims. To push back, we're providing lists of newly observed infrastructure matching coronavirus themes.
RiskIQ is providing a 30-day extended access code for Security Analysts and Threat Hunters looking to investigate this newly observed infrastructure. Apply the promo code, “COVID19”, from the account settings page to enable the extended access. Users without an existing account can register for free.
Those looking to learn how to hunt for threats, or existing analysts wishing to brush-up their skills, can check-out the On-Demand Threat Hunting Workshops taught by co-founder and PassiveTotal developer, Brandon Dixon. The class has two playlists—methodologies and data sources—with several modules.
Free Digital Footprint snapshot
Security protocols have changed overnight. Firewalls, DLP, and network monitoring are no longer effective with the majority of business staff working from home. Attackers now have far more access points to probe or exploit, with little-to-no security oversight. Meanwhile, IT is standing up new systems in a hurry and likely succumbing to human error, such as critical misconfigurations. RiskIQ is offering a quick and easy way to understand digital assets that are connected to your organization outside the firewall, even as your digital attack surface expands in unprecedented ways. Interested parties can email firstname.lastname@example.org to get a free Digital Footprint Snapshot report.
Let us know if you require more comprehensive coverage of your digital attack surface or additional data sets for your threat investigations.
Additional Partner Resources
The RiskIQ Intelligence Connector for Microsoft Azure Sentinel Is the Context-Rich Force Multiplier Security Teams Need
Digital initiatives have changed the enterprise attack surface and how organizations appear online, both to users and malicious actors. Meanwhile, the threat landscape has evo...