One man’s misfortune is another man’s gain, as the saying goes. And that’s the case even as the coronavirus pandemic rages across the planet - because cybercriminals will stop at nothing it seems.
Despite everything, they’re still hard at work, devising ever more devious ways to cripple networks, steal data, and defraud people of their hard-earned cash. And as fate would have it, a world-wide workforce largely remote working from home, coupled with a thirst for information about COVID-19, has played directly into their hands.
The haste to set people up to access company servers from home, sometimes with a lack of real knowledge how to do so, has left a whole universe of remote working security vulnerabilities for cybercriminals to exploit. Meantime, the lure of ‘essential’ coronavirus updates and insight has fuelled a flurry of clicks on websites of dubious origin.
So far we’ve seen scams originated by criminal gangs posing as the World Health Organisation and the US Centre for Disease Control. More worryingly, cybersecurity firm Checkpoint reports over 4,000 coronavirus-related web domains registered globally since January, 3% of them definitely malicious plus another 5% suspicious.
And as the pandemic spreads, with some form of lockdown the new norm for many, the opportunities for hackers will only multiply. That makes it doubly important to know what to look out for in terms of security vulnerabilities and ways cybercriminals can exploit you. Also, importantly, what you can do to prevent that happening.
3 ways hackers will try and find a way into your systems
Here’s some favourite methods cybercriminals use to hack your systems:
1. Phishing emails
Ever fallen for a practical joke, like picking up an urgent message to phone Mr Leon Cubb and finding yourself talking to the local zoo? Well, in the same way that it’s easy to get pranked, it’s easy to fall for a bogus email.
In the current climate, these might come complete with a link promising crucial new advice for staying safe from coronavirus. Or for checking symptoms. Others might request donations to help fund charity efforts or scientific research to find a cure.
But clicking the link or attachment can unleash a torrent of malware or ransomware onto your system, which can quickly spread across your network and send files into an entirely different type of lockdown. It can even paralyse your website or delete data altogether.
Fake donation sites meanwhile might be just that, and will simply take your money down a black hole and run. But if they also require you to enter personal information, that data can then be used for identity theft and fraud.
Look out for spearphishing too. People are generally more stressed and distracted under the current conditions, which can increase their risk of making mistakes. Working in isolation also means they can’t simply check with a colleague across the office if they’re unsure about something.
So, if an electronic invoice comes in from what looks like a regular supplier, it’s maybe easier to miss the fact that a few crucial bank details are different to normal. So the transfer is made anyway – straight into the hands of a cybercriminal.
2. Malicious websites
So much new coronavirus information out there, so many people peddling it, and so many surfers in search of updates. With terms such as ‘coronavirus tips’ and ‘COVID-19’ riding high in google SERP, it’s easy for hackers to lure people to their hastily set up sites.
Once there, any everyday browser taking a bit of time out from the working day to do some research might not notice anything different. They might even find the information they’re looking for.
But what they won’t notice is the malware being downloaded onto their computer or the personal information being stolen. On some malicious sites, the malware will be disguised as files to download or an attachment you click to ‘see more’. Other even scarier sites have ‘drive by download’, so it’s enough just to visit a site or click on a pop-up window for your computer to be infected.
The UK’s National Cyber Security Centre is keeping people up-to-date on the latest coronavirus-related cyber threats via its website. It features a useful index of known malicious sites to avoid, which it updates regularly.
3. Remote working security vulnerabilities
Hackers are clever and they’re adept at spotting remote working security failings and sneaking onto networks unnoticed. Just one chink in your IT security armour can let them in to wreak havoc, paralyse or delete data and steal sensitive information.
The sheer number of people working from home during coronavirus lockdown is like payday come early for hackers. That’s because millions of people have emerged blinking from behind their workplace’s usual security blanket and are instead conducting business from their own house - maybe using unsecured Wi-Fi networks, routers with inadequate encryption and worse.
The very fact that so many people are connecting remotely to their company’s servers plays to hackers’ strengths. The fact is, every step in the chain presents a tempting opportunity for them to find a way into networks. And there’s a real fear that the scramble to set people up at home means many connections just don’t have the necessary security to keep hackers out.
3 ways to boost your remote working security
Cybercriminals are clever, but there’s still plenty of things you can do to foil their cunning plans.
1. Get the basics right
It’s more important now than ever to get your remote working security right. Not all hackers can be stopped because they move quickly and can exploit the merest hint of vulnerability in any set-up. But properly configured security can present a pretty tough barrier for them to have to break down.
If staff are working from home, make sure their set-up is as watertight as it can be. It’s surprising how many people use devices like laptops and tablets but fail to use complex passwords, enable a firewall or download anti-virus software. As the first line of IT defence, this is essential.
Similarly, make certain all staff have their devices set to download the latest Windows or Mac updates automatically. Also commit them to keeping software programs up-to-date by installing bug fixes and latest versions.
The thing is, security patches like these are usually released once a vulnerability in a program or operating system has been spotted. So to update only after a hacker has already used that vulnerability to sneak onto your PC is too late.
Remember the Wannacry ransomware attack that crippled large organisations like FedEx’s and NHS hospitals’ networks in 2017? It took advantage of a vulnerability in Windows operating software, particularly Windows XP, and unpatched computers were brutally exploited - 200,000 of them across 150 countries. Ouch.
2. Make sure your VPN is watertight
Huge swathes of workers across the world are now accessing their company servers via a remote connection across a VPN (virtual private network). But unless the VPN you’re using is secure and correctly configured, you could be advertising an easy way for cybercriminals to access those servers too.
The first step is to ensure your VPN provider really does provide a totally private connection, and that data is fully encrypted. As a word of warning, it’s been recently reported that cybercriminals have been busy exploiting a vulnerability in the Citrix VPN, Citrix Gateway. So, do your homework and check out which VPNs offer the best security.
Also important is to make sure your VPN has 2-step authentication. That means people can only access it by providing two unique pieces of information, say a user password combined with a one-time generated password, or voice/facial recognition. It makes it much harder for hackers to exploit the connection and find a way into your systems.
3. Train your staff
It’s safe to say that most cyber-attacks start with human error. A member of staff is tricked into clicking on a malicious email link or attachment and infects the whole network with malware, for example. It’s easily done.
So it’s essential to train your staff in all matters of cybersecurity, from using secure passwords, to what to look out for in terms of phishing emails and malicious websites. There are plenty of online training programs out there that can help – Sophos and Cybsafe are just two.
Also make sure you have a home working policy and everyone has read and acknowledged it. It should have a section that states what’s expected from employees in terms of remote working security, including applying the latest operating system updates and running up-to-date antivirus software.
What to do if you’re hacked
If your systems are paralysed, your data’s been stolen, your website’s been taken down or your files are being held to ransom, you can always call an IT expert for help. But that’s not always much use in these days of lockdown. Plus an IT expert will only be able to do so much.
What you really need is a plan for recovery. Something that can help fix the problem, deal with any damage and make sure you get back on your feet again quickly. Also something to handle the potentially sensitive issue of stolen data if that’s in the equation too.
Because every day spent not operating at full capacity means lost revenue. And every day sensitive info that’s now in the hands of cybercriminals isn’t reported to the regulator or the affected parties spells more trouble.
A one-size-fits-all solution is cyber insurance. It provides immediate help to stop an attack, fix the damage, retrieve data and get you up and running again as quickly as possible. Plus it also covers your lost revenue, as well as any claims against you or regulatory investigations as a result of losing people’s personal information.
If you’d like a quick quote, click here. Or call the team on 0345 222 5391.
Image used under license from Shutterstock.coronaviruscyber liability insurancerunning a business