As per the Global Risk Report 2020 recently published by the World Economic Forum, cyber attacks are in the Top 10 risks category in terms of likelihood, as well as impact. With the recent pandemic, this risk has become even more severe. In fact, per a report published by Barracuda Networks, the number of COVID-19 related email attacks has increased by 667 percent since the end of February this year.
It’s important for businesses and employees to know and follow cybersecurity basics/hygiene. Organizations can enforce the checklist issued by INTERPOL below with their employees who are working from home. We have divided our cyber security tips to these three sections: precautions, identification and action.
Precaution is better than cure. This is true for cyber security as well, especially in current times. Employees should know the Do’s and Don’ts while working remotely.
• Be skeptical of emails coming from unknown senders or event familiar people (like your company’s CEO or your doctor) who do not usually communicate directly with you.
• Don’t click on links or open attachments from those senders.
• Don’t forward suspicious emails to co-workers.
• Don’t use the office laptop for personal use like watching movies, social media etc.
• Don’t use weak passwords for your home network because if the home network is compromised, hackers will have a good shot at getting into the work network.
• Increase vigilance: Just as we need t be vigilant not to spread COVID-19, we also need vigilance in protecting our digital infrastructure.
• Keep Backups: All institutions, including hospitals and public health organizations, should have recent backups (a few copies with a few stakeholders) that would allow them to rapidly restore services in the event of a ransomware attack.
• Ask others: If you received an unexpected email, verify with sender. For example, if you receive a strange email claiming to be your friend, try calling your friend over the phone to double check that it’s from them.
Organizations should communicate and train their employees so they can differentiate between malicious and authorized emails, links, attachments, etc. This will help organizations to secure their employees from most of the traps used by a cybercriminal.
• Spoofing email signals: These email addresses look like an original email addresses of an authorized entity. Look for a slight changes in characters used that make email addresses look visually correct — for example, a .com domain where it should be .gov. To handle this situation, before opening or clicking on any link in an email, one should look for any slight changes in the email addresses in “From:” and “To:” section of the email
• Grammatical errors are another signal to identify malicious content in the text of the email; they’re usually a good sign of a malicious email
• Hover over any link to see the address and report the suspicious addresses to IT department
Once a user is skeptical and thinks something might be a malicious attack vector, they should responsibly inform the appropriate security team so they can communicate to other employees and save them from the trap of cyber criminals. This step is very important because not everybody in an organization is equally aware of cybersecurity, and the weakest link can help cyber criminals to breach an organization.
• If you think you’ve received a suspicious email, don’t click on any of the links or content in this email, and report this to the IT or security department
• Install the anti-phishing filter to safeguard browsers and emails
• Use the anti-virus software to scan the attachments in emails, messages, etc.
• Avoid donating to charities via clicking on URLs. As a best practice, directly go to the website to donate. These links might be malicious or redirect you to a malicious website
• Prioritize governance, risk and compliance in cybersecurity programs
Many organizations without proper policy and processes to maintain their remote workforce, as well as other challenges which arise from COVID-19, have raised a red flag for their preparedness for such conditions. It’s important to review and revise company policies and procedures. Even if employees are working from home, they still need to adhere to company policies
• Work on making your perimeter stronger
• Organization should focus on security solutions which can help them to identify risks proactively and take action before attackers can exploit it
• Use continuous automated risk monitoring – endpoint protection
• Employees working on their laptops and devices remotely can expose them to hackers and are the first line of defense
• Organizations should protect their devices against malware (standard and advanced)
• Testing security software should be consistent to make sure it works as it is expected to
• Harden and patch your devices
• Secure third-party apps and other externally facing applications
• As a best practice, employees should only use approved applications on corporate devices
• Even employees who are using a home network for office work should avoid using malicious and unapproved tools, because if the home network is compromised, there are good chances of a corporate account getting compromised as well
• Organizations should use risk-based authentication and multi-factor authentication, especially for critical applications which allow a supplier or vendor (or a cybercriminal posing as a supplier or vendors) to change bank account details or make other changes, which may impact financial stability of an organization
Strengthen your remote access management policy and procedures
• Implement multi-factor authentication for VPN access, IP address whitelisting, limits on remote desktop protocol (RDP) access and added scrutiny of remote network connections. Also, keep patching all access management software on a timely basis
Take a collaborative approach. Get a full view of your risks
• Cyber security is not only the responsibility of a security team. Cyber security of an organization is as strong as its weakest link. Any weak link can cause a breach
• Organizations should collaborate with other functions — including treasury, financial controls and fraud teams. This helps in faster prevention and detection of frauds, and also broaden their view of threats and risks during the crisis
Step up security awareness and training to employees
• As for most of the organizations, this might be the first time that all three lines of defense are working remotely and many of their employees are not aware of cyber security best practices for working remotely (Do’s and Don’ts)
• As employees are the first line of defense, as well as the easiest target for hackers, organizations must make sure that employees are aware and trained of security best practices. Organization should also conduct some social engineering exercises internally to test their defenses
We have tried here to provide you with a checklist but this is not enough. Organizations should make sure that cyber security best practices are built into their culture. It’s an entire organization’s responsibility to fight against cyber criminals.
At MetricStream, we understand the challenges organizations are facing and have launched a COVID-19 Solution to help organizations through the COVID-19 crisis. The solution can give organizations the ability to manage information, processes and responses, and take decisions that impact employees, business leaders, customers, vendors and partners. Please refer to COVID-19 Resource center for more such informational resources