2020 has been quite a year. The global Covid-19 pandemic changed up the rules of most peoples’ daily lives, taking a big toll on individuals, businesses and organizations. During this time, cyber attackers were quick to jump on the exploitation wagon, taking advantage of the chaos and changes in work and activity patterns to deploy attacks, steal information and cash in on victims. Large firms such as Deloitte have seen a spike in cyber-attacks during the Coronavirus pandemic such as Covid-themed phishing, malspam, and ransomware attacks.
Changes in attack types, targets and volume during this year, in addition to changes in victim behavior and vulnerability, have forced businesses to rethink their security. The most prominent of behavior changes during 2020 has been the shift from office work, on devices unified behind the shield of a corporate network protection solution, to remote work from ill-protected home networks. Not only is the technological aspect of security different while working from home, the at-home working mindset can also create additional vulnerabilities to cyber-attacks. People may be less alert while leisurely working from home in their pajamas, and as a result can accidentally fall for a phishing scheme or press on a malware download link. A lack of differentiation between work-related and personal-related activity may also lead to malware infections on a work computer used from home. Organizations should ensure that their employees are using a VPN, and that it is configured correctly.
While many have been forced to work from home because of Covid-19, a great deal have also been laid off. Among those that have lost their jobs, leaving them income-less and stuck at home, are a group of highly skilled people that turn to cyber-attacks as a last-resort way to pay their bills. So, in addition to experienced, long-term cyber attackers taking advantage of the current situation to make some profits, a new wave of attackers is forming.
Some SOCs and security teams on the other hand, are not able to function properly during the current state. Managing a joint operation from home can create difficulties in the teams’ ability to give a proper response to each breach or attack attempt, and these teams’ ability to monitor activity inside the company and ensure secure behavior is limited at most.
During Covid-19, security approaches need to change. Companies should ask themselves if their security processes and solutions are providing them with widespread, quality protection from cyber-attacks. It may be time to upgrade their security, and maybe it’s even possible to do so while lowering costs. In addition to rethinking and adjusting a broad security strategy to these changing times, we advise businesses and organizations to verify implementation of work from home security measures such as the ones below:
1. Make sure your programs and operating system are updated.
When vulnerabilities are exposed, especially OS and common program ones, they are usually quickly patched. The patches are deployed in new program updates, and many threat actors prey on people who have left themselves exposed to exploitation by fully updating their system. To protect yourself from these potential malware infections, make sure that all your programs are updated.
2. Protect your devices with a reliable anti-malware solution.
Another important step for malware protection is implementing a security solution that will keep you protected even when your device is outside the corporate network. Use a local antivirus program, and implement an endpoint security solution that acts as a firewall to block both inbound and outbound malicious traffic.
3. Secure your home network.
Home wi-fi networks, as opposed to corporate ones, are usually much easier to hack and there is no IT team to back them up. These networks often use weaker protocols, and most people do not change their default router password. To protect your network and devices from hackers, change your default router password if you have not already done so. In your router settings, you can also configure wi-fi encryption to keep your information safe.
4. Separate your work computer from personal devices.
Connecting your work computer to your home network can expose it to network hacking and worm-like malware that propagates laterally to multiple devices inside the network. Even if you are very careful, and are conscious of malicious websites and emails, other devices in the network may pose a risk to your own. Fake websites, game and content downloads, and more, can easily infect a family member or roommate's device. From there on, it can be a matter of time until your device is infected too. If you’re using your home network for remote work, do not make your device visible to other devices in the network. If you have to add it to the HomeGroup, then make sure the option to share files is off.
5. Use your organization’s VPN.
Connecting to your company’s corporate VPN can allow you the security of protected, encrypted connections to many different services. This separation from the home network adds another layer of protection from infected devices in your home network.
6. Isolate work from your personal life.
Working from home can open a door to bending the boundaries of corporate-personal life behavior. When handling work material, make sure you’re using your secure, IT-approved corporate platforms to avoid accidentally exposing sensitive company information. Stick with corporate services for e-mail, file-sharing and messaging. In addition, resist the temptation of using your work computer for personal use, as it can easily lead information mix-ups such as saving files in wrong locations, and also broadens the range of malicious destinations that your device will potentially attempt to visit.
7. Use secure settings for video conferencing.
Review security downsides of your video conferencing platform to become aware of its vulnerabilities, and understand how to use it as securely as possible. If you are using a local video conferencing software, make sure you’ve downloaded it from the original, trusted source. There are many websites offering legitimate conferencing software downloads bundled with malware, seeking to trick users. Make sure you can control who enters your sessions – use password protection, and consider using the waiting room function if one is available. Lastly, make sure you do not have sensitive information in view of your camera during video conferencing sessions (such as notes with passwords, personal information, etc.) and do not share screen shots or videos from your video conferences.
8. Lock your device before walking away.
A simple action that many take for granted can be the difference between information security and a malware infection. You may be thinking why you need to do this if only you and your family members or roommates are around, but remember that in many cases, malware infections come as a result of completely innocent actions. Maybe your child wants to quickly check something online about their favorite game, and one wrong click on your work computer can lead to an accidental malware download.
9. Use multi-factor authentication.
Many platforms and applications provide an option for multi-factor authentication, the most common being two-factor authentication (2FA). Passwords can easily be stolen and leaked, so make sure to opt for this option when it is offered, instead of relying on your password alone.
10. Be careful of Coronavirus-themed emails and websites.
During the COVID-19 epidemic, the cyber realm has seen an immense number of coronavirus-themed malware and phishing campaigns. Attackers are using fake emails to ignite panic, supposedly supply vital information or trick victims in to thinking they are getting some type of compensation, while they are actually installing malware or phishing for passwords, personal information and bank credentials.
In other cases, fake COVID-19 mobile applications and websites distribute malware and trick victims in to surrendering their sensitive information. Take extra caution when receiving emails mentioning COVID-19 or visiting unfamiliar websites referring to the pandemic. Pay attention to the URL, or in case of emails, to the sender, content, and check for grammar and spelling errors. If you would like to acquire information about Coronavirus, visit official websites directly, such as the official World Health Organization website.