What is your working from home policy?
As an unprecedented health crisis the coronavirus is tipping societies into a new paradigm where telework is the norm. Work at home has gone from optional to compulsory. This is an unprecedented transition that we are experiencing and like any sudden transition it can be very painful for businesses that are not prepared. So we help you to understand the risks that are related to this new paradigm and how to be prepared to face them.
The risk of cyber attacks increases with confinement and telework. Hackers would redouble their imagination to deceive users, both individuals and businesses, making coronavirus the most important topic ever used by hackers.
Coronavirus as a hacking tool?
In the context of the spread of Covid-19, hackers would redouble their imagination to deceive users, both individuals and businesses, making coronavirus the most important topic ever used by hackers. The underestimation of cyber risk is of particular concern. First, because the risk of attack increases. As in all episodes of crisis, an intensification of cybercriminal activities has been identify since the beginning of the coronavirus. The cynicism of the attackers is limitless: in one week, the AP-HP which manages 39 hospitals in Ile-de-France, then the WHO were targeted. The number of attacks is such that some are already talking about the risk of a digital pandemic.
TechCrunch, sees an increase in computer attacks in recent weeks. According to them, this increase is directly linked to the Covid-19 pandemic which acts as “bait to deceive victims in the execution of malware”.
All of these campaigns used the coronavirus as a decoy to infect computers.
There has been an increase in spearphishing campaigns. Unlike phishing, that is to say a process of massively sending e-mails pretending to be someone known to the user, spearphishing involves targeted e-mails, carefully created to deceive a very particular individual.
Another widespread practice uses the theme of the coronavirus to trap users, as they do at other major events such as Valentine’s Day. The topic is topical. It is of interest to everyone and given the confinement, the number of interactions via the web has increased.
Hackers offer sites and links related to the epidemic, such as interactive maps, emails, often with an official appearance, to attract their prey and infect them with “malware”, malicious software, explains Christophe Jacques. These links can also be reached by Whatsapp or SMS. We click, and we arrive on a site whose name has a relation with the coronavirus.
Now that you understand the risks here are a few adives provided by the infosecurity magazine
Recommendations to fight against attacks
Secure Access to business critical applications and documents
If the remote workforce is using company issued devices such as laptops, tablets and phones, ensure employees have full access to all documents and applications they will need to complete their work.
To maintain a high performing workforce, personnel will need appropriate access to the company’s enterprise cloud to undertake critical job functions, so it’s vital to have appropriate policies in place for managing permission-based roles, audit trails, and restricted access to non-essential areas .
With the right policies in place to protect important documents and applications in the cloud, the next priority is to ensure that end-user connections are secure. A VPN (virtual private network) that provides a secure direct link to servers is an ideal base layer of security for a remote workforce.
And avoid public or unknown Wi-Fi networks and connect your PC to VPN
Initiate efficient communication channels
Setting up secure and reliable communications systems will be crucial for enabling long-distance collaboration and teamwork within the enterprise and beyond its walls.
While face-to-face interactions are currently curtailed, there are a variety of communication tools that are ideal for remote workforces that need to engage in long-distance communication and team collaboration. These include platforms such as Google Hangouts, Slack, Microsoft Teams, or Cisco Webex Teams, which all provide tools that enable quick chats, group chats, client communications and video conferencing.