We live in exciting times. COVID-19 has taken the world by storm, and as part of efforts to curb the spread of the disease, the pandemic has forced organisations to adapt quickly to working remotely.
Working from home has become a new reality for organisations and their employees. As convenient as this may sound, it is fraught with challenges.
From a cybersecurity perspective, working from home presents significant risks to organisations because cybercriminals around the world are capitalising on this crisis, and that makes the need to secure the remote workforce an ever-growing concern.
Since the outbreak began, there have been spikes in cyber-attacks as cybercriminals are using COVID-19 as bait to trap organisations and their employees.
To avoid falling victim, organisations must address these challenges without introducing new flaws by implementing and evaluating cybersecurity safeguards/controls.
In this article, we will be talking about some current cybersecurity challenges due to this pandemic as well as tips and recommendations on how to address them.
Phishing
Phishing is a cybercrime in which targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure them into providing sensitive data such as personally identifiable information, credit card details and passwords. Cybercriminals know we desire more information at this time, and they are using that as bait to get people to click on malicious links via emails and text messages.
These messages often have an appearance of legitimacy and are designed this way to pull you in, getting you to click on links that redirect you to malware-infested sites that could steal your personal information, money, or both.
There have been numerous cases of criminals targeting governments and organisations such as the World Health Organization (WHO). The WHO reports a fivefold increase in cyberattacks directed at its staff and email scams targeting the public at large.
In another scenario, due to a shortage of health-care-related products such as PPEs, test kits and ventilators, cybercriminals have impersonated sellers and manufacturers of such products and duped not just people and organisations, but also States, out of millions of dollars.
Business Email Compromise (BEC), a specialist type of phishing attack, is becoming increasingly prevalent too. BEC attacks are designed to impersonate senior executives and trick employees, customers, or vendors into wiring payment for goods or services to alternate bank accounts.
How can you protect yourself? Here are five things you can do:
- Always verify the source of the message – never swallow anything hook, line and sinker. Pay attention to spellings or grammatical errors in emails or text messages.
- Never respond to unsolicited messages and calls that ask for personal or financial details.
- When entering sensitive information on a website, always verify that you are on a secure and legitimate website. A quick tip is to look out for the lock icon in your browser when you need to enter login details or other sensitive information such as your debit card details. The lock icon only shows that the connection is encrypted, so also check that the domain name in the address bar is the one you expect.
- Do not click on links from sources you do not know. Act by reporting them. Email service platforms such as Google’s Gmail and Microsoft’s Outlook give you the ability to report phishing emails, which helps to protect other users from spam and abuse.
- Question everything. Always remember the adage, “if it’s too good to be true, then it probably is.”
The Not-As-Secure Home Environment
As mentioned earlier, one of the fallouts of the pandemic is the shift from traditional working models to remote working. This has led to many individuals using their personal computers to conduct business and carry out work-related duties. These computers might not have up-to-date operating system patches or useful antivirus software, and attackers can easily exploit these vulnerabilities.
It is essential that organisations get employees on approved and secure devices to protect not only themselves but also the firm. It is also vital to know that while employees work remotely, they are not behind the typical corporate security perimeter. They are not protected by firewalls, intrusion detection or prevention systems, proxies and so on, and with employees connecting directly to the internet with personal modems and routers, their visibility to attackers increases.
What can be done to prevent this?
- Always ensure your operating system and security software are up to date with the most recent patches.
- Avoid free, unsecured, public WiFi.
- If you must connect remotely to your organisation’s network, for example to log in to a corporate application, use a VPN. It reduces your visibility on the internet by creating a safe and encrypted connection known as a tunnel.
- Use multi-factor authentication. Authentication deals with validating the identity of individuals. It requires users to prove they are who they claim to be. There are three factors of authentication: the knowledge factor, or something you know, such as passwords; the possession factor, or something you have, such as tokens, access cards and keys; and the inherence factor, or something you are, such as biometrics – fingerprints, retina.
Consequently, when we talk about multi-factor authentication, the idea is having at least two of these factors present when proving your identity to a system. Use cases include logging into email, corporate applications and internet banking platforms.
Cyberattacks are nothing new, but in recent times, they have increased in frequency and magnitude. Cybercriminals are not letting this crisis go to waste, and they are working overtime, so organisations must take steps to protect themselves.
Governance and risk management functions must conduct and drive comprehensive risk assessments and business impact analysis for critical functions and processes within the organisation.
Policies around information security, cybersecurity and acceptable use of devices should be up-to-date and disseminated to all employees.
Organisations should test and update their cyber incident response, business continuity and disaster recovery plans. Operating system updates and security software patches must be mandatory.
Critical systems such as servers and core business applications should be monitored. Logs and security events from such systems should be reviewed daily. This will help to identify anomalies or suspicious activities quickly.
Finally, do not forget your people. Humans are the weakest link in the security chain. It does not matter if you have the best technology or the most efficient processes. If your people are not informed, they put the entire organisation at risk.
Now is not the time to cut down on information and cybersecurity training and awareness. Learning interventions such as videos, newsletters, pictures, even games and quizzes go a long way in building a security-conscious culture in an organisation.
These recommendations, if implemented, can strengthen the security posture of your enterprise, enabling you to build and maintain a cyber-resilient organisation.