DigixBuddy

DigixBuddy Logo
Menu
Schedule a Call
Menu
DigixBuddy Logo
Schedule a Call

Cybersecurity threats to watch out for and steps to take amid the COVID-19 outbreak

Cybersecurity

Insecure home-based network

With employees now using their home-based internet connections and insecure VPNs, cybercriminals can easily access them. Security barriers for home devices cannot protect the company’s database or even personal information. Passcode-protected home networks do not guarantee the same level of security as the infrastructure of a corporate office does. Your employees, therefore, are at a higher risk of IP address spoofing and packet sniffing.

As a CTO/Cybersecurity team member you must take the following steps to ensure network safety:

  • Make sure your employees protect their home-based networks with strong passwords and store them in secure password managers
  • Employees must use company protected VPN that will connect them to your office cloud
  • Employees’ devices must have latest Antivirus protection
  • You must pair your default antivirus protection with advanced threat protection that can save you from zero-day attacks

Risk of data theft on Zoom

Zoom has become the go-to for organizations across the globe to host meetings in this new normal. Although it’s easy user interface appeals to many, at the same time, it is not a reliable platform to conduct confidential business meetings where you and your partners share crucial data through screen sharing or zoom chat. In fact, there are data breaches associated with this too.

If you ever get a chance to read Zoom’s privacy policy it doesn’t guarantee you the full protection of your information. Making it easy for hackers or anyone to access your data or enter a meeting without being visible. So what should you do?

Whenever you have to host a business meeting it’s highly recommended not to make your meeting ID public. Create a very strong password for that meeting to keep your meeting room private. Make sure you do not click on any link you get on zoom chat since that may be a scam from hackers.

 

Be aware of online hoaxes

With so much uncertainty and curiosity, it’s no surprise people are reading things about it online. Visiting different websites to know more about this disease. This is certainly a golden opportunity for scammers to capitalize on this tension and hack people’s devices. With more than 100,000 COVID-19 web domains, malicious attacks and Android application breaches have been on the rise. The hackers are running online scam campaigns targeting “COVID-19” to get your attention through emails,video links or excel sheets since the home-based connections do not efficiently protect the scam mails or links.

Browser-based vulnerabilities

The use of SaaS software which is accessible through web browsers has increased while working from home. Due to increased browsing, the internet traffic has reportedly been uplifted by 20% during this challenging situation, making browsers a rich data pool for cybercriminals to attack employees’ work system and devices.

As a cybersecurity manager, you need to make sure that your employees use the browser on your corporate cloud network aka “browser isolation”. Also you need to ensure that your teams are only using your corporate plugins and extensions on the internet. This will prevent you and your employees from the browser-based malicious attacks on your work system and devices.

 

So how can your business respond?

 

Increased awareness and vigilance can be a powerful antidote against these novel attacks. Here are some key steps you can take to reduce risk to your organization as well as to employees.

  • Raise awareness among your employees about the increased risk of COVID-19-themed phishing attacks.
  • Maintain proactive communication to remote workers about your organization’s approach to combating cyber threats prompted by the pandemic and how to identify phishing attacks.
  • Opt for two-factor authentication for all remote access accounts
  • Ensure all devices have the latest antivirus and firewall software installed
  • Opt for data encryption on laptops used for remote working given the risk of theft
  • Backup all critical systems and validate the integrity of backups to avoid the risk of organized cybercrime breaches
  • Be skeptical of emails from unknown senders and do not open any strange attachments
  • Be wary of grammatical errors in the text of the email – they are usually a sign of fraud
  • Have a cybersecurity helpline in place and report any suspicious emails to the IT or security department

No doubt, this pandemic will significantly change how you and your organization work and stay secure, but taking these relatively simple steps, both at an individual and at an organizational level, should help reduce some of the most common security risks prompted by the remote working scenario. Companies need to understand that these threats are as evolving as they are novel and so must continually develop extensive cybersecurity strategies to protect themselves from the scammers to avoid unnecessary additional costs and disruptions at a time where we simply cannot afford them.

Related Posts