ITC THREAT HORIZON: CYBER RESILIENCE
The highly infectious coronavirus (COVID-19) continues to spread globally and is causing disruption to many businesses and their security operations. Whilst many things are still unknown about the disease, it is of particular concern because of how contagious the virus is.
Over the past weeks we have been working around the clock to review and test our business resilience plans.
Business resilience at ITC
At ITC our services continue to operate uninterrupted, 24 hours a day from our Security Operations Centre (SOC) in London. We have reviewed and tested all our business continuity and disaster recovery plans. As a precautionary step, we have activated our internal crisis management team to review the fast-changing situation around COVID-19 daily. Our teams have been briefed about the virus and are aware of what to do in the various scenarios that may unfold. We are also proactively working with our suppliers to ensure the continued smooth running of our services and ongoing projects.
It remains business as usual at ITC.
We are prepared in the case that the situation may worsen, and our business resilience testing has covered many possible scenarios, including validating full secure remote working capabilities for all teams and preserving the health of our people; to ensure the services from ITC will not be interrupted.
We are working closely with ITC customers who are taking additional precautions and have encouraged remote working for their own employees. The ITC teams have adapted project delivery and ongoing managed services to accommodate customer circumstances. Existing customers will receive additional contact from their ITC service manager to ensure we maintain appropriate working arrangements to protect all individuals involved.
Any international travel for our teams is being carefully considered and we are closely following the regularly updated guidelines from the UK Foreign & Commonwealth Office and the US Centers for Disease Control and Prevention.
Rise of related cyber attacks
Our Security Operations Centre has identified a rise in cyber-attacks related to COVID-19 and continues to monitor cyber-attacks taking advantage of the virus. Since the outbreak began in China our SOC has seen an increase in phishing emails pretending to be from the World Health Organisation (WHO). They encourage users to download instructions to prevent the spread of COVID-19 but deliver Emotet, a version of a banking trojan designed to steal the victims banking details. Our SOC has noticed an increase in cases where Emotet has been used for further attacks to load ransomware, making this a dangerous strain of malware.
Disruption of hardware supply
Several factories in China have been temporarily shut down; to limit the spread of COVID-19. This is causing a steep decline in production of some networking and cyber security hardware manufactured in China, and devices that depend on a part manufactured in one of these idle factories.
There is currently no delay to orders already placed and any possible delay will be considered when quoting on new orders.
ITC service managers and account managers will work with our existing customers to accelerate critical orders and possibly acquire redundant hardware for critical systems.
Disruption to global security operations
Additionally, we expect to see a rise in global cyber-attacks. Dark web conversations observed by our SOC indicate that bad actors are planning to take advantage of depleted and disrupted security teams globally.
The UK government has publicly said that UK businesses should plan over 50% of employees to be affected by COVID-19, and possibly be off sick, by summer 2020. Such a scenario would clearly cause significant disruption to internal security teams and operation centres.
Our highly resilient 24-hour Security Operations Centre is available to provide additional cyber security capacity or capabilities during this time.
Please contact your service manager, account manager, or Jonathan Muir for new customers, to discuss how ITC can provide additional support, even on an interim basis.
Thank you for your support and vigilance.
Chief Executive, ITC Secure