As the hard reality of the COVID-19 hits us, businesses have had no other alternative but to instruct employees to stay home and work remotely, resulting in a global shift on how the economy, daily life and human interaction unfolds over the next few weeks.
Unfortunately, these rapid changes have created a threat of exploitation and opened up opportunities where cybercriminals thrive and sweep in to take advantage of the situation, thus putting systems in jeopardy and increasing the risk of ransomware attacks and phishing, especially those that don’t necessarily have adequate IT security measures in place. The conditions are ripe for cyberattacks of every sort. It is no wonder that since the COVID-19 outbreak, hospitals and other medical facilities across the globe have been victims of security breaches with sensitive data being held ransom or simply disrupting the operations of such institutes.
It’s a given that people working from home have fewer security defences on their home networks than they would have in the office – think firewalls and VPN vulnerabilities – coupled with stressful times and possibly more distraction than usual, thereby creating a situation whereby they are more likely to fall for malicious scams and hoaxes.
It is therefore extremely important for companies and IT Departments in particular, to continuously communicate with and educate staff on how to be vigilant and exercise caution when clicking on outbound links,and continuously remind them on the negative repercussions that can have. Also, with more children being at home using streaming services and video games, the home network is further compromised.
So, what should the home worker be looking out for?
Be vigilant and wary of online scams
Unfortunately scammers use current situations like the COVID-19 pandemic to prey on collective fear and ignorance for their fraudulent activities. They will for example, send emails, malicious domains, or fake applications claiming to provide important information when in fact they bear malware.
Beware of phishing
The hacker’s goal is to get a user to click on an emailed link that downloads malicious malware – don’t click on links from unknown sources! Only download or install software from trusted sources and verify that the URL of any website that asks users to enter a password is accurate – hackers often set up URLs that are similar to real websites to harvest passwords.
Prevention is better than cure
- Change default passwords on your home wifi router to prevent hackers from accessing your network, and practice regularly changing your router password if it has previously been shared with others.
- Use strong and unique passwords (at least 10 characters including special characters such as @#$&) on every account and device.
- Look out for updates from your employer and IT Department – it’s also important to be up to date on new policies to help keep you and your company safe.
- Stay current on software and updates and security patches – keep all devices, apps and operating systems up to date. When you get reminders, don’t wait – update!
- Protect smartphones in the same way as laptops and ensure that they are updated with the latest firmware versions which must be downloaded from legitimate apps from official stores.
- If you have to use personal equipment, keep it as close as possible to office security standards by following your company’s data protection measures
- Remember that your company laptop is for your use only – do not allow other members of the household to use your company equipment.
- Back up your work using USBs or external hard drives in case of connectivity failure
- Since the whole family is working and studying from home, remember to create a safer digital environment by employing a home network security that not only protects your network against hackers, but also blocks and filters sites, thereby blocking inappropriate sites and content and controls social media usage.
- And lastly, educate the family around online safety. Ensure that all members of the family understand the dangers of the public nature of the internet.
Just as the world is being urged to practice hygiene for the COVID-19, so should we practice safe online hygiene.