The current Coronavirus pandemic is forcing organisations around the world to close their offices, with many more asking their employees to work remotely. This is a necessary precaution to protect the workforce, ensuring that the spread of the virus is slowed and businesses can continue trading. Social distancing is considered to be an important component in managing the spread of the virus; slowing down the spread means that emergency health services aren’t overwhelmed while scientists look for a cure.
However remote working brings a host of cyber security related issues, so it's important that both employers and staff are aware of the risks and are taking necessary precautions. Sadly, DynaRisk's intelligence team have discovered a number of Coronavirus related phishing scams and criminals will be looking to target companies & home workers at this fraught time in the hopes of discovering weakened defences. For every company and its employees, additional policies are essential.
Here are our top tips for employees working from home...
Avoid unsecured Wi-Fi networks
Try to connect to trusted, private networks. Be cautious when using a public wireless network (in coffee shops, for example) and if you do use one, make sure you disconnect when not in use. Remote working environments do not usually have the same level of protection as in the office. As beneficial it is to have the freedom to spend your working day anywhere with an internet connection, it can also make your work devices vulnerable to cybercrime. An IPass survey revealed that 67% of CIOs believe that most Wi-Fi related security incidents occurred at cafes and coffee shops. Public Wi-Fi can be compromised and your phone may be susceptible to malware and hacking attempts, which allows cyber criminals to access your credit card details or passwords.
If you still feel you can be more productive in a public environment and choose to connect to public wireless networks, always connect to a Virtual Private Network (VPN) before connecting to the Wi-Fi. This will secure all web traffic flowing through your network by encrypting it and routing it via an intermediary server. Encryption and robust management of corporate email is also a must.
Software and updates
Ensure you have comprehensive antivirus installed on any devices you are using for business and keep all software - including your browser - up to date. Software updates are not only about the new features - they usually contain essential patches for security vulnerabilities that could lead to data breaches or cyber attacks. Activate automatic updates on all remote devices to deploy patches as soon as your provider makes new versions available.
When working remotely, emails can be an important communication channel between the company and its employees. Moreover, many important announcements such as company closures may be announced through email as well. Cyber criminals are leveraging the COVID-19 outbreak and we have seen attempts to impersonate official health institutions to deliver malware. Do not click on any suspicious attachment or link before checking the legitimacy of the sender. Find out more tips on how to detect phishing scams in our blog here.
Monitor for stolen data
Cyber criminals are constantly siphoning off huge caches of data from companies they have hacked and use it to break into systems or takeover accounts. One of the most common cases is Business Email Compromise (BEC) where an attacker leverages stolen username/password combinations to log into a company email account as the victim. Once they are in, they send fake payment instructions to the person responsible for accounting and make off with sometimes vast sums of cash.
During these tense times, accounting teams may be understaffed, juggling more tasks than usual and executives may be busy with emergency plans and not watching where the money is going. Stay extra vigilant by monitoring if company data is being shared on the dark web.
Go further than antivirus - get your Cyber Security Score
Constant monitoring of your devices and data will help you to identify areas of risk. DynaRisk's personalized Cyber Security Score and dashboard provides everything you need to understand how safe you are online. Your dashboard contains a Score alongside a list of tailored actions designed to improve and maintain your online safety along with our advanced Dark Web monitoring capability.
Additionally, DynaRisk will keep you up-to-date on the latest security threats via threat alert emails, as well as providing support via phone, email and live chat.
If you're working remotely and want to protect yourself, we're providing one month's FREE access to our Ultimate plan. Use code WORKREMOTE to sign up and start using DynaRisk today. Simply select 'Buy now' on our Ultimate plan and sign up using your business email address.
For employers, talk to sales today to discuss how our platform can lock-down your employee's cyber defenses at home.
Your health matters
As well as practicing cyber hygiene, your physical health is important too. For legitimate updates on the virus, you can subscribe to GOV.UK's newsletter. Remember…
- Avoid close contact with people who are sick and stay at home if you are feeling unwell to prevent spreading germs.
- Avoid touching your mouth, nose, and eyes.
- Wash your hands regularly with plenty of water and soap for a minimum of 20 seconds per wash.
- Clean and disinfect household objects you frequently touch - your mobile phone and laptop are a great place to start!
- Cover your nose and mouth when you cough or sneeze. If you use a tissue, discard it immediately and wash your hands.
- Follow official guidelines if you've just returned from abroad and keep business trips to a minimum.