researchHQ’s Key Takeaways:
- The influx of new cyber threats combined with an expanding network of remote workers has made it more important than ever for organisations to secure their workforce and employee devices.
- Simple measures such as continuously updating company devices and employee training are critical to preventing data breaches.
- Virtual Private Networks (VPNs) struggle to always handle large volumes of traffic, making a backup necessary to manage the spike in remote workers.
- Deciding what to protect, and why, will help organisations identify vulnerabilities and provide an indication of what areas need reassessing.
While the COVID-19 pandemic is first and foremost a health and humanitarian crisis, there’s a massive business impact which is challenging our cybersecurity world. (SITREP: Cybersecurity Risks Related to COVID-19 (PDF)).While many organizations may have some form of remote working environment, it’s possible most have never conducted a full remote worker business continuity test, much less developed the culture, technology, communication and policies that will have to work together nearly simultaneously in today’s global context. As you might expect, adversaries are seizing the day to try to disrupt enterprises which may be already struggling to maintain operational continuity in the rush to work from home.
While necessary and important in these difficult times, working from home creates an attractive proposition for threat actors to step up social engineering campaigns. Malicious actors are taking advantage of workers being comfortable in their homes by conducting phishing, ransomware, business e-mail compromise—especially using keyword lures associated with coronavirus or related current events. (SITREP: Cybersecurity Risks Related to COVID-19 (PDF)).
In an environment where reliable information is scarce, there seems to be no end to the opportunism of the cybercriminal. More than 16,000 coronavirus-related domains have been registered since January, 2020. Although not all represent a threat, many of these sites are suspected to support a wide range of malicious activity, including credential harvesting, carding fraud and malware installation. COVID-19 domains are reportedly 50 percent more likely to be fraudulent than other domains. And just like the virus, cyber activities have sprung up from threat groups operating out of multiple locations across the world, including Russia, Iran, North Korea, Vietnam and Pakistan.
So, how can you help protect the safety and security of your people, and the data and technology they need to work from home? And how can we all better manage the “new normal” threat landscape?
Protect your people
Just like hand-washing and social distancing, protecting people and the business can be reinforced through regular, consistent, and clear communications. Stressed people tend to make bad decisions, so helping them feel safe and secure and communicating on both emotional and rational levels can be useful in winning “hearts and minds.” Reminders about strong authentication on all devices should be coupled with support—preferably, a single point of contact for reliable information. For example, in Accenture we hold one-on-one conversations with security team members and have built a virtual crisis management “war room” to quickly disseminate information.
Here’s some other ways you can help your people to protect themselves from work-from-home vulnerabilities:
- Make employees aware of company information protection procedures, including those around hard drives and file encryption in storage and in transit.
- Brief employees on home network best practices, including the use of non-default router and Internet of Things passwords, SSID broadcast hiding and the configuration of trusted DNS providers.
