Remote workers can be especially vulnerable to cyberattacks. Here are six ways to prevent that
The COVID-19 pandemic is affecting every facet of our daily lives, including the ways cybercriminals exploit their victims. There has been a rapid surge in threats taking advantage of consumers’ fears of the virus, with an increase from around 100 attempts in January to more than 26,000 in March.
So far, Zscaler’s ThreatLabZ threat intelligence and response team has found numerous scams preying on this crisis, from apps promising a way to identify people infected with COVID-19 or to obtain preventive supplies, to a flood of new domains related to the virus (many with malicious intent). More recently, sites have been offering potential treatment drugs such as hydroxychloroquine as cybercriminals pull out all the stops, and they are specifically targeting remote workers.
Employees who are working remotely for the first time may not understand how easy it is to fall prey to cyberattacks, so it’s important for everyone to operate with the same caution as (if not more than) they would in an office. Here are some tips for how remote workers can stay secure online and avoid falling victim to COVID-19-related threats:
- Find trusted, fact-based sources of information about the situation and stay informed on what’s happening in your local area (city, county, state) and your company, along with general news and weather.
- When surfing the web for COVID-19 news, stick to official and reputable sources (such as the CDC, local state governments and city sites). There are several apps and websites claiming to offer masks, tests or COVID-19-related trackers, but a majority of these are scams and can result in information theft, account compromise or malware being installed on your system.
- Be wary of phishing and financial scams asking for emergency funds. Given that a majority of employees are working remotely, attackers may send an email pretending to be one of your colleagues asking for urgent funds for some emergency situation (medical treatment, for example). You should slow down, stop and think. Look at the email address and ask if it is a known address. Hover over the email address with your mouse and see if it is legitimate. While everyone is remote, you can still always call your colleague to confirm. And if you’re not sure, forward the email to your IT security team to take a look.
- Do not click on links related to COVID-19 that are embedded in untrusted websites or in emails or texts from unknown sources, and refrain from downloading COVID-19-themed apps or documents from unknown sources.
- It is important to have two-factor authentication (2FA) for all your critical corporate services including email. Using 2FA will protect your account against attacks starting with credential (user/password) theft. Always use strong passwords and change your passwords periodically.
- Make sure that your operating system and software applications including antivirus are up to date with the latest security updates. Follow your company policies regarding remote access to corporate applications as well as internet access. Ideally, all the traffic originating from your corporate asset (laptop/tablet/PC) should be scanned for threats and data leakage in the same manner as it was when inside the corporate network, leveraging a secure access service edge (SASE) architecture.
The many uncertainties presented by COVID-19 challenge businesses to find new ways to ensure their employees’ digital health no matter where they work. With the ongoing crisis, threat actors are quickly updating their tools, techniques and procedures to leverage global uncertainty and target the employees of large enterprises.
There is a growing security concern that once the pandemic is over and life returns to normal, there will be thousands of corporate machines physically returning to the corporate network. If any machines were not properly secured while being used remotely and became compromised, such machines can offer attackers a beachhead into corporate networks, leading to a large-scale compromise for several companies. This risk underscores the importance of implementing SASE and a zero-trust network access (ZTNA) architecture.
Each user in every organization must develop a heightened state of awareness, as cybercriminals will continue to use the current global crisis as an opportunity to target and compromise end user systems. If you are unsure about something you see online or something you receive, reach out to your IT security team for help.