The current Covid-19 pandemic has changed several dynamics of the world. Education has majorly moved to digital platforms. People are opting for digital transactions and saying no to physical banking infrastructure. Further, major IT companies and multinational companies have shifted to work from home opportunities. As wonderful and convenient as the new ways look and sound, it is undeniable that the internet has become increasingly dangerous. Cybercriminals are always waiting for opportunities to attack servers, steal sensitive information, and wreak havoc. Government offices, as well as private firms, are extremely vulnerable to such cyberattacks. Cybercriminals are overwhelming the system by exerting pressure and maliciously disrupting the operations. They do it in exchange for financial benefit or plain data theft.
Hence, it has become increasingly important to tighten all loose ends of your enterprise’s security services. Even the smallest loophole can be utilized by cyberattackers to reap benefits by creating a mess.
Here are some necessary safety measures you can incorporate into your security system this pandemic:
- Keep up-to-date software and anti-malware security. Install updates as soon as they are made available. They combine anti-malware apps with email and web surfing to give the best protection. As they often target systems that are unpatched and vulnerable, this helps to avert attackers. It also protects from the new viruses.
- Have a tight control of access with good password practices. Two-factor authentication (2FA) or multi-factor authentication(MFA) is recommended for important accounts or data. It is also necessary to follow good practices around passwords. It involves getting good passwords, modifying passwords by default, and never re-using passwords again. The longer the password, the better – a password manager would allow passwords of 12 characters or more and with special characters and numbers instead of eight alphabets only.
- Backup the data and test the processes continuously. This is important, especially when it comes to defending against ransomware attacks, where sensitive data is encrypted by criminals who often demand payment to unencrypt it. Try not relying entirely on online backup services such as OneDrive or Google Drive.
Phishing email examples
There are a handful of examples of spam emails. These scams will often ask you to click on a link or attachment so that you can get more information about ‘protecting’ yourself from coronavirus. A naive user can click on these emails, but its best not to do so. It’s wise to close and delete the email, and never click on links or attachments.
Watch out for these domains as well. Security services have reported mysterious intent, as reflected by anti-virus software.
Avoid visiting any of these websites. If you receive any emails from such domains (e.g., @coronavirusstatus[.]space addresses) or if they’re linked in any emails, it’s better taking extra precautions. Never click on any links within such emails and don’t open or download any attachments. Close the email straight away, and delete it to avoid risk and keep your system safe. As an alternative to office-based security gateways, enterprises can look at the security solutions delivered by the cloud services, especially those that do not require any additional hardware or software deployment. Amazon Web Services, Microsoft Azure and Google Cloud Platform have robust security measures. Opt for them and install them to take your security up by several notches.
Another dangerous scheme you need to be aware of is ransomware. It is no longer just another cybercrime industry. It has evolved over the years as a weapon that causes severe destruction to your enterprise. It created an ugly situation in 2017 when several strains of ransomware were activated. These utilized a highly dangerous Windows exploit rumored to be developed by the NSA. Later, data was leaked by a hacker group to spread across computer networks with zero user interaction. The COVID-19 pandemic has given a golden opportunity to make a striking entry now.
To summarize and add some valuable information, here are some places you should pay attention to while working safely at your organization during this pandemic:
- Safeguard all the confidential documentation. Do not permit emails or documents at home unless very necessary. Also, avoid sharing work-related emails to non-work computers.
- Beware of social media hacking. There are several unethical schemes claiming to be from the government or a health department seeking to sell coronavirus vaccine kits or safety checks. Online medicines promising to cure coronavirus, give you something, and phone calls from suppliers and government agencies demanding you do something all with the only purpose to cheat you into stealing your money.
- Invest in ransomware safety services.
- While working from home, ensure that all remote workstations, laptops, and all remote and office computers are up-to-date with the latest anti-virus software and updates. Keep a central dashboard to view and manage them all. An additional security step would also be to enforce the rule that the anti-virus software used across all machines includes web filtering to protect staff with safe online surfing and phishing email protection against malicious URLs.
I hope this article helped you understand why security is at stake now and how you can avoid cyber-attacks on your organization!
For further reading, here are some articles-