In a time of crisis, pushing cybersecurity to the back burner might be tempting. Many believe that using strong passwords or two-factor authentication is too much trouble when you have so many other concerns. In fact, now is the very best time to evaluate and strengthen your security posture. A joint alert from DHS and NCSC shows that threat groups worldwide are taking advantage of current stress and upheaval to attack a variety of targets. In particular, nation-states, driven by intense competition towards COVID-19 mitigations, are employing credential spraying techniques to gain access to healthcare, pharmaceutical, research, and similar types of organisations. Credential spraying attempts to use common, weak passwords across a list of user names which are harvested ahead of an attack. The DHS/NCSC alert also mentions the importance of upgrading infrastructure and services. Outdated software and software components often have known vulnerabilities that can be exploited by attackers looking to gain a foothold in an organisation. The alert has a list of excellent recommendations around password security and infrastructure maintenance. None of this is new. The only thing that has changed is the intensity of the attacks, coupled with a shaken workforce that must work harder to make good decisions every day.  Read Less