Hackers capitalise on Covid 19: Exploiting the sudden boom of at-home workers
The immediate and rapid migration from our workplaces to the household has greatly expanded the cybercrime landscape:
Cyber-criminals across the globe are tailoring their efforts to remote workers and developing new scams designed specifically to exploit individuals during this vulnerable time.
As we leave the office and migrate to our respective homes, we need to take a step back and consider a few things:
- We’re taking our office with us: not just the pens and pencils, but our sensitive company data and system logins. Assets that we as individuals need to keep safe during the transition to working from home.
- In doing this, we’re simultaneously leaving behind one of the biggest benefits of working in the office: security.
Amidst the endless news-cycle of COVID-19, we’re seeing constant public safety warnings extending not only for our hygiene and physical wellbeing, but also our mental health, socialisation, and cyber–safety.
The Australian Cyber Security Centre (ACSC)and countless government bodies are warning of the surge in online risks and vulnerabilities that COVID-19 has introduced.
All of a sudden, we’re incurring dangers of network security, access control, data management and a whole slew of cyber-security necessities that the majority of us have never had to consider before.
For cyber-criminals, this is an opportunity to profit and exploit like never before. To put it into an analogy, it’s as if the all of the shopfronts in the world have unanimously removed their locks and taken their inventories out on to the streets.
Countless workplaces have just had their security scattered to employee households with little-to-no central safety measures, and to ensure that both staff and the organisation at large are operating safely during these changing times. there are two key factors that every business needs to account for:
- Network security: This means a centralised standard of VPN, secure Wi-Fi and access control to any data and systems of the organisations when accessed remotely
This is typically performed by a dedicated I.T. team, member of staff or service provider. In the event that you haven’t already arranged this, I’d recommend moving fast to get ahead of the demand.
Already companies such as Cisco Systems Inc have seen a 1000% increase in demand for support services that cater to work-from-home security setups. Ensure that all members of your team are working from home under company networks and a secure connection.
- An individual understanding of risk and cyber safety: While working from home, you’ll find yourself facing a whole range of new cyber-threats and scams specifically designed to capitalise on individual mistakes. From opening the wrong email to clicking the wrong link, we’re all at risk of exposing corporate data from our own household if we aren’t careful.
You can expect to see scams that play on concerns surrounding COVID-19, especially on matters of personal safety and job security.
Already, cyber-criminals are disguising key-logging scams, malicious viruses and password theft as urgent warnings or health tips pertaining to COVID-19. (You can report and read on said scams via the Scamwatch website)
This is common practice for scammers: Finding a hot topic of public concern or vulnerability and using it to exploit those in distress for a profit. Even as recently as the Australian Bushfire Crisis, scams were quickly tallied by Scamwatch to be in the hundreds, some with damages in the thousands. (Further reading & advice regarding Australian Bushfire Scams can be found via the ACCC)
Considering COVID-19 is a global crisis and incomparable epidemic, expect to see plenty of scams. Make sure to operate with both caution and a hefty grain of salt. We’re all surrounded by a lot of information at the moment. A lot of it bad news. We’re inundated and the majority of us are feeling overwhelmed. It’s especially important during this time in which we may not be processing things at our usual standards, that we take a step back and reconsider what we’re looking at online.
It’s especially easy at the moment to click the wrong link or open the wrong email by mistake. To avoid falling into a malicious or compromising situation, slow down while you’re checking your emails and try your best to stay mindful while you navigate through your work-day.
In addition to staying aware of the current scams surrounding COVID-19, you can further protect yourself by keeping work devices and home devices separate. We recommend that you both refrain from doing work on personal systems and keep your personal accounts logged off of your work-devices to prevent cross-contamination of potential threats between work and home.
Finally, here’s a quick-guide image to follow for some work-from-home essentials:
For more information on staying safe at home and protecting your corporate data, we’ve developed an awareness program tailor-made to working from home: https://portal.cyberaware.com/remote