Working Remotely starts with working securely
While the COVID-19 pandemic has impacted the way the majority of us work and live our lives, cyber attackers have not taken a break. The pandemic has fuelled cyber-attacks as the attention may have shifted to the healthcare sector. Equipped with the correct monitoring tools, organizations may have noticed a dramatic increase in the number of cyber-attacks directed at its resources and staff. Not only are our organizations being targeted, but cybercriminals are targeting and attacking us as individuals.
While there are many potential solutions to getting your organization up to speed with security in this new reality, we should first understand some of the common cyber-attacks being utilized today. These include:
Social Engineering attacks through phishing and smishing. Phishing is a tactic in which unsolicited emails are sent asking you to provide information or luring you to click on a malicious link. These messages are normally affixed with a eye catching subject line such as “COVID-19 Update”. Smishing is very similar but takes the form of unsolicited text messages (SMS or WhatsApp) requiring that you to open a link or view what appears to be a video or a meme (GIF).
Malware is a malicious computer program or software with the intention to cause harm to a computer or to retrieve information from the computer. Attackers deliver malware through email messages, text messages and embedding it in interactive maps and websites related to hot-button topics such as COVID-19.
Remote service attacks are where cyber criminals attempt to identify and exploit any remote services which may be in use by an organization. For example, if an attacker identifies a remote desktop connection to a computer accessible over the internet, then vulnerabilities or weaknesses would be identified, and exploits launched including brute force.
Brute force attacks involve guessing various usernames and password combinations until the correct combination is identified to access any site or service protected by passwords. Similarly to the scenes displayed in most movies of a hacker trying to break into a device or system.
It is paramount that we do not skip out on cybersecurity best practices. In the same way practicing sanitation helps to protect you against an infection, safe cybersecurity practices will help to protect you from an attack. Here are a few tips to protect against cyber-attacks and to help secure remote working.
Strong Passwords: Use complex and strong passwords to protect all IT assets. Do not write your password on a paper, instead store them in a password manager/vault. A strong password must have a minimum of 10 characters and consist of a mixture of uppercase, lowercase, numbers and have special characters (such as #, @, &).
Two-factor authentication(2FA): After a user enters their username and a password, before gaining access to the account, another piece of information must be provided. i.e. something you know. for example the answer to secret questions, something you have e.g. a smartphone with an authentication token or something you are such as bio-metric information. Enable 2FA as an additional layer of security on all your accounts.
Least privilege: Use access control limitations and grant access to resources only on a need to know basis. Do not grant everyone the same level of access to speed up the remote work from home deployment.
Virtual private network (VPN): If possible, require the use of a secure VPN to establish a connection to the resources. A VPN could also help to protect users when they are not using a secure internet connection by encrypting data. Note, most cloud-based apps do not necessarily require a VPN to connect to applications.
Backup:All important files must be backed up regularly and stored separately from the system being backed up. Protect files backed up by encrypting these files with a password.
Update: Keep all devices up to date with the latest system updates and patches. If an outdated system or application is being used, your device may be at risk against known threats.
Suspicious emails: Avoid opening suspicious emails or attachments, do not click on links in emails or text messages which you were not expecting or comes from an unknown sender.
Enable Security Tools: Configure anti-malware or anti-virus software and disk encryption on all laptops and mobile devices. Organizations should ensure their devices are connected to a Mobile Device Management (MDM) tool to keep track of assets and can manage these assets remotely.
Secure home Wi-Fi network: Change your home Wi-Fi and the router default password, as these default passwords are often weak and shared by other routers. In your router configuration settings, turn on Wi-Fi encryption, ideally WPA2 and turn off network name broadcasting (SSID broadcasting) or hide your Wi-Fi network name.
Video conference securely: Ensure there is no sensitive information in your work area or in view of the camera. Use a headset when conducting conference meetings and password-protect, or otherwise ensure unknown individuals cannot enter video conferences.
Employee Training: Sensitize employees and establish clear security guidelines, so they understand how to protect themselves and the systems. Always remember your employees are the front line of defence, IT security does not stop with your IT department it lives in the daily actions of the users of the systems.
COVID-19 has made remote work the norm in certain industries and this may remain in place even after we get over the pandemic. Remote work does not have to mean relaxation in IT security, once users are educated and trained and the tips are followed, they will be in a better position to protect themselves and your organization from cybersecurity attacks and threats.