During This Difficult Time, Cybercriminals Are Leaping at the Opportunity to Steal Valuable Information and Drain Bank Accounts. Here’s What You Need to Know About Secure Remote Work and Threats That Exploit COVID-19.
It’s a difficult time for many as coronavirus continues to spread at a rapid rate around the world. Former Chicago Mayor Rahm Emanual is well known for the following quote…
“Never allow a good crisis to go to waste.”
Unfortunately, cybercriminals are listening to this advice as we speak. There are two main cybersecurity concerns with the COVID-19 outbreak:
- More and more businesses are embracing a remote workforce in a short period with limited knowledge and/or expertise in this regard.
- The majority of individuals are facing significant stress and concern regarding the virus – meaning they’re leaving their guards down a bit more than usual.
Be Aware of Threats That Are Rampant During the COVID-19 Pandemic…
There are a range of threats to be aware of during the COVID-19 pandemic, including but not limited to:- Website domains related to the virus and/or offering information that has been set up to contain malware within them.
- Phishing attacks taking advantage of insecurities around the virus claiming to be from WHO, the CDC or other governmental organizations.
- Phony remote access tools that contain malicious content being distributed to organizations working from home.
How to Stay Safe Against Threats While Embracing a Remote Workforce…
Naturally, embracing a remote workforce typically means a less secure working environment for employees. There is a general lack of enterprise-grade security measures, alongside a feeling of freedom due to using their own devices. If possible, it’s best to issue corporate-owned devices and enforce a “no personal use” policy that comes along with them. Here are some tips to keep you safe during and after the COVID-19 pandemic:- Use a virtual private network (VPN) when possible to create a secure, encrypted tunnel for employees connecting to the network. You can also take advantage of virtual desktop infrastructure (VDI) to give employees access to their workstations from home.
- There’s no miracle cure for COVID-19. If you get an email stating there’s some miracle cure, delete it. It’s not true. This is more than likely a piece of malware that will watch your every move or ransomware that will encrypt your files.
- Do not wire money to anyone. Cybercriminals will call or email stating that the victim’s family member is in the hospital with COVID-19 and they need to send money to cover hospital bills.
- Microsoft, Google, and any other tech firm or governmental agency will never call or email you to ask for your password. If you receive a call or email like this, do not respond and hangup/delete the email.
- Use two-factor authentication wherever possible when accessing sensitive information via remote access solutions or cloud-based productivity tools. This limits the risk of unauthorized access.