We live in exciting times. COVID-19 has taken the world by storm, and as part of efforts to curb the spread of the disease, the pandemic has forced organisations to adapt to working remotely quickly.

Currently, working from home has become a new reality for organisations and their employees. As convenient as this may sound, it is fraught with its challenges.

From a cybersecurity perspective, working from home presents significant risks to organisations because cybercriminals around the world are capitalising on this crisis, and that makes the need to secure the remote workforce an ever-growing concern.

Since the outbreak began, there have been spikes in cyber-attacks as cybercriminals are using COVID-19 as bait to trap organisations and their employees.

To avoid falling victim, organisations must address these challenges without introducing new flaws by implementing and evaluating cybersecurity safeguards/controls.

In this article, we will be talking about some current cybersecurity challenges due to this pandemic as well as tips and recommendations on how to address them.

Phishing

Phishing is a cybercrime, with phishing targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, credit card details and passwords. Cybercriminals know we desire more information at this time, and they are using that as bait to get people to click on malicious links via emails and text messages.

These messages often have an appearance of legitimacy and designed this way to pull you in, getting you to click on links that redirect you to malware-infested sites that could steal your personal information, money, or both.

There have been numerous cases of criminals targeting governments and organisations such as the World Health Organization (WHO). The WHO reports a fivefold increase in cyberattacks directed at its staff and email scams targeting the public at large.

In another scenario, due to shortage of health-care-related products such as PPEs, test kits and ventilators, cybercriminals have impersonated sellers and manufacturers of such products and duped not just people and organisations, but also States, out of millions of dollars.

Business Email Compromise (BEC), a specialist type of phishing attack is becoming increasingly prevalent too. BEC attacks are designed to impersonate senior executives and trick employees, customers, or vendors into wiring payment for goods or services to alternate bank accounts.

How can you protect yourself? Here are five things you can do:

1. Always verify the source of the message – never swallow anything hook, line and sinker. Pay attention to spelling or grammatical errors in emails or text messages.
2. Never respond to unsolicited messages and calls that ask for personal or financial details.
3. When entering sensitive information on a website, always verify that you are on a secure and legitimate website. A quick tip is to look out for the lock icon in your browser when you need to enter login details or other sensitive information such as your debit card details.
4. Do not click on links from sources you do not know. Act by reporting them. Email service platforms such as Google’s Gmail and Microsoft’s Outlook, give you the ability to report phishing emails, this helps to protect other users from spam and abuse.
5. Question everything. Always remember the adage, “if it’s too good to be true, then it probably is.”

The Not-As-Secure Home Environment

As mentioned earlier, one of the fallouts of the pandemic is the shift from traditional working models to remote working. This has led to many individuals using their personal computers to conduct business and carry out work-related duties. These computers might not have up-to-date operating system patches or useful antivirus software, and attackers can easily exploit these vulnerabilities.

It is essential organisations get employees on approved and secure devices to protect not only themselves but also the firm. Also, it is vital to know that while employees work remotely, they are not behind the typical corporate security perimeter. They are not protected by firewalls, no intrusion detection or prevention systems, no proxies etc. and with employees connecting directly to the internet with personal modems and routers, their visibility to attackers increases.

What can be done to prevent this?

1. Always ensure your operating system and security software is up-to-date with the most recent patches.
2. Avoid free, unsecured, public WiFi.
3. If you must connect remotely to your organisation’s network, maybe to login into a corporate application, use a VPN. It reduces your visibility on the internet by creating a safe and encrypted connection known as a tunnel.
4. Use Multi-factor authentication. Authentication deals with validating the identity of individuals. It requires users to prove they are who they claim to be. There are three factors of authentication: the knowledge factor or something you know such as passwords, the possession factor or something you have such as tokens, access cards, keys and the inherence factor or something you are such as biometrics – fingerprints, retina.

Consequently, when we talk about multifactor authentication, the idea is having at least two of these factors present when proving your identity to a system. Use cases when logging into emails, corporate applications, and internet banking platforms.

Cyberattacks are nothing new, but in recent times, they have increased in frequency and magnitude. Cybercriminals are not letting this crisis go to waste, and they are working overtime so organisations must take steps to protect themselves.

Governance and risk management functions must conduct and drive comprehensive risk assessments and business impact analysis for critical functions and processes within the organisation.

Policies around information security, cybersecurity and acceptable use of devices should be up-to-date and disseminated to all employees.

Organisations should test and update their cyber incident response, business continuity and disaster recovery plans. Operating system updates and security software patches must be mandatory.

Critical systems such as servers, core business applications should be monitored. Logs and security events from such systems should be reviewed daily. This will help to identify anomalies or suspicious activities quickly.

Finally, do not forget your people. Humans are the weakest link in the security chain. It does not matter if you have the best technology or the most efficient processes. If your people are not informed, they put the entire organisation at risk.

Now is not the time to cut down on information and cybersecurity training and awareness. Learning interventions such as videos, newsletters, pictures, even games and quizzes go a long way in building a security-conscious culture in an organisation.

These recommendations if implemented, can strengthen the security posture of your enterprise, enabling you to build and maintain a cyber-resilient one.

The Union of European Football Association (UEFA), lost £514million from the Champions League and Europa League last season due to the COVID-19 pandemic.

This led to reduced TV and sponsorship income, and as a result, it plans to cut prize money for club competitions – Champions League and Europa League, over the next five years (seasons) to offset the incurred losses.

READ: Football: AC Milan announces loss of €195million

According to The Times, UEFA wrote to its 55 member associations revealing the amount lost (£514million) due to the financial impact of the pandemic and its plans to cut the prize money for its two competitions.

By spreading the costs out to offset losses, competing clubs in the two UEFA club competitions (Champions League and Europa League) can expect a roughly 4-per-cent drop in Uefa prize money in each of the next five seasons.

READ: Manchester United: A football club or a business

The 2019-20 Champions League and Europa League were on hold for five months (mid-March to August) when the pandemic wreaked havoc on the global sporting calendar, with the UEFA opting to schedule matches from the quarter-finals which were played as single-match knockout ties at neutral venues in Lisbon, Portugal (Estádio da Luz and Estádio José Alvalade).

DAZN, an English streaming platform terminated its rights deal for the UEFA club competitions (Champions League and Europa League) in particular places like South East Asia and Japan, the streaming platform cited the delay and the reduced number of matches (one-legged tie) as a reason for the termination.

READ: Ajax FC’s shares fall by 21% after Champions League defeat

Telco Altice, a French multinational telecommunications corporation, which holds exclusive rights for the Champions League and Europa League in France, has publicly demanded its money back, due to the delay and reduction in matches played. Telco Atlice pays €350million per season for its rights to the two UEFA club competitions for the 2018-21 cycle.

READ: Messi emerges highest paid Sportsman on earth; here is how

Also, UEFA recently announced that financial services company – Mastercard, has renewed its Champions League sponsorship contract to continue through the 2021-24 cycle extending its 26-year partnership, dating back to 1994. The agreement also includes sponsorship rights for the UEFA Super Cup competition in 2021, 2022, and 2023.

The Minister for Works and Housing, Mr. Babatunde Fashola, on Sunday, discovered a hidden camera at the Lekki Toll Gate, Admiralty Circle, Lagos, during an on the spot assessment.

Fashola, who led a Federal Government delegation at the instance of President Muhammadu Buhari to commiserate with the Lagos State Governor, Babajide Sanwo-Olu over the loss of lives and destruction of public and private assets in the violence that rocked the state last week, noted that words are not enough to describe the level of destruction wreaked by the arsonists.

READ: #EndSARS: A day by day timeline of the protest that has brought Nigeria to its knees.

READ: COVID-19: CIBN supports Lagos with N20million

Some of those in the Federal Government’s entourage include Minister of Interior, Ogbeni Rauf Aregbesola; Minister for Mines and Industries, Olamilekan Adegbite; Minister for Trade and Investments, Niyi Adebayo, Minister of State for Health Olorunnibe Mamora; Minister for Sport and Youth Development, Mr. Sunday Dare; and Minister of State for Niger Delta, Sen. Omotayo Alasoadura.

Also, on the entourage for the inspection tour in the company of the press are some South-West Governors such as Kayode Fayemi, Ekiti state; Rotimi Akeredolu, Ondo State; Seyi Makinde, Oyo State; and Babajide Sanwo-Olu, Lagos State.

READ: #EndSARS: FG creates new N25 billion Youth Fund, to increase to N75 billion in 3 years

Fashola who discovered the camera during an on the spot assessment at the Lekki Toll Gate, subsequently, handed it over to Lagos State Governor, Babajide Sanwo-Olu for forensic analysis and further investigation.

The former Lagos State Governor said the camera must have been planted by some subversive elements prior to the reported shootings for ulterior motives.

Explore Data on the Nairametrics Research Website

READ: LCC confirms perimiter cameras were not removed from Lekki Toll

While handing over the camera to Sanwo-Olu after picking it up with the aid of a handkerchief, Fashola said, “I think this will help with the ongoing investigations into the shootings at the Lekki Toll Gate. It requires forensic analysis and could be used in the investigations to unravel the mystery surrounding the shootings at the Toll Gate, I believe.”

However, some Nigerians have expressed reservations over the discovery. They believe it’s just an act put up by government officials to cover up for the shooting incident at the Lekki Tollgate.

A Twitter user Editi Effiong said the minister thinks we are stupid.

READ: #EndSARS: Governor Sanwo-Olu clarifies “forces beyond our direct control” comment

Fashola really thinks we are stupid.

— Editi Effiòng (@EditiEffiong) October 25, 2020

Aproko doctor asked for the footage from the CCTV which many believe has been taken away.

Where is the footage from the CCTV at the Lekki Toll Gate?

— Aproko Doctor (@aproko_doctor) October 25, 2020

Another Twitter user believes that this is part of the plan to doctor the video of the events that happened that night.

Heard Fashola discovered a mysterious camera today, so a doctored video will be released in the coming days. These people are VERY wicked and they will all pay for the evil done. #EndSARS #LekkiMassacre

— #EndSARS #EndPoliceBrutality (@TheRealHydee) October 25, 2020

Olanrewaju found it strange that Fashola could discover the mysterious camera days after the cleaning up of the location by LAWMA, who didn’t discover anything.

Leave Arise TV, let's say they weren't interested in finding evidence. LAWMA has cleaned that place for 2 days, they didn't find no camera. I passed through that place on Saturday, looked all round seeing the damage. All of a sudden, agent Fashola found a camera 😂 😂 😂

— Olanrewaju (أولانريواجو) (@larenx_real) October 25, 2020