In the midst of this unprecedented global health crisis affecting the whole world, hackers are taking advantage of it by looking for ways to compromise companies’ IT systems and get access to valuable data. They are using the pandemic as an opportunity to carry out targeted cyberattacks, so now more than ever should companies stay alert of the increasing cyber-risks and take actions to protect themselves.
While entrepreneurs are busy keeping their businesses afloat during the coronavirus quarantine, making sure they can still operate once lockdown restrictions have been lifted, many are likely to neglect cybersecurity. This is totally understandable, given these unprecedented times and always-on remote working is certainly not normal for most IT and security employees. However, not putting cybersecurity at the top of your agenda means that your business could become an easy target for cyberattacks.
In a pandemic of this scale, dependency on digital communication multiplies. The Internet has become THE main channel for human interaction and the primary way to work. With ever more businesses moving their data from on premises to the Cloud, the need for a secure infrastructure that protects all remotely stored data has risen sharply.
To fight coronavirus-related hacking, an international group of nearly 400 volunteers with expertise in cybersecurity has been formed, which is welcome news as these experts will be working to combat hacks against medical facilities, health organisations and other frontline responders to the pandemic. Another key focus of the group, called the COVID-19 CTI League, is the defence of communication networks and services that have become essential as more businesses need to continue to operate while their employees work from home.
The COVID-19 CTI League has also been looking at the most common fraud tactics used by cybercriminals in light of the pandemic. Among these are phishing attacks and social engineering.
Let’s look into these in more detail and explore how you can protect your business.
The cybersecurity experts from the COVID-19 CTI League have reported a “never before seen” uptake in phishing messages in every human language possible since the coronavirus outbreak. These messages are designed to trick you and your colleagues into revealing usernames and passwords. By getting access to those details, hackers can use the data to take control of your bank, email or other accounts.
To avoid becoming a victim, staff must not respond to any emails or instant messages from unknown senders that ask for their personal information or financial details. Secondly, check the phone number provided in the email against the official number of the bank – if they do not match, do not call this number to verify financial information. Finally, make sure employees have anti-virus and anti-spyware software in place that safeguards all online operations.
Social engineering occurs when hackers use psychological manipulation to trick you into making security mistakes or giving away sensitive information. The current situation could be incredibly distressing for many businesses. While worrying how to get funding for your businesses or if you’d be able to financially recognise your employees at the end of the month, you can get incited to take actions that would be considered irrational in other circumstances.
For example, a recent global cyberattack targeted people looking for visuals of the spread of COVID-19. The malware was concealed in a map displaying coronavirus statistics loaded from a legitimate online source. Viewers were asked to download and run a malicious application which compromised their devices and allowed hackers to access stored passwords.
It’s important that your teams are extra vigilant when giving out any personal information. In this stressful time, it’s important to revisit the basics: Don’t click on links from emails if you do not recognise and verify the source of every URL before you click on them. Digital viruses spread much like physical ones and if one employee makes a mistake this could very well contaminate others within the organisation. That’s why being extra careful and educating your staff on how to react in similar situations is essential, in order to keep your business secure.
Staying digitally safe while working from home
Due to the scale of the pandemic ever more businesses (and local governments) are enforcing ‘work from home’ policies in order to keep their employees safe and healthy, and to keep the business going. Our social interactions today come down to video calls, social media posts and communicating via instant messaging platforms. In this context, a cyberattack that deprives organisations and families of access to the internet, their devices or data could be devastating.
So here are some simple tips to follow to make sure your home network is secure:
- Make sure that you have a long, complex password for your home Wi-Fi and that system firewalls are active on your router. Here’s a useful guide we’ve put together to help you create a secure password.
- Do not use the same password for different accounts across the web.
- Use a reliable VPN for internet access.
- If you have other smart devices connected to your home network such as a smart speaker, smart thermostat, smart coffee machine, etc. ensure that you have changed their default passwords to more complex ones and don’t share these with anyone else.
- In case you need to turn your smartphone into a Wi-Fi hotspot, it’s important that you create a strong password as this would protect you from situations where your internet bandwidth gets stolen by other devices and users.
In conclusion, maintaining high levels of cybersecurity is essential for the survival of any business during and after the pandemic. Being familiar with the types of fraud that can threaten business and knowing how to deal with them is key in making sure we don’t fall victims. Furthermore, ensuring a high level of security of your “working from home” station is key in keeping your business and family safe and thriving.
We hope that you and your families stay healthy and safe during these unusual times.
*** This is a Security Bloggers Network syndicated blog from Enterprise Security – Thales blog authored by Todd Moore. Read the original post at: https://dis-blog.thalesgroup.com/security/2020/04/07/how-to-protect-your-business-against-coronavirus-related-cyberattacks/