Security Measures While Working From Home
The Covid-19 outbreak has also brought cyber attackers into the open, with organisations reporting an alarming spike in cyber-attacks. India, as per a News18.com article, has seen a 37% spike in Q1 alone. The FBI reports a 400% spike in cyber-attacks, as per another article. Cyber attackers are not sparing anyone, including the WHO, which has reported being attacked twice in the past two months.
Organisations are now compelled to redesign their work-from-home policies to ensure cyber-secure best practices. RACE labs cybersecurity researchers reached out to a few industry leaders to understand the best practices they use to protect their crown jewels.
The most prominent attacks during Covid-19 include:
Social Engineering Attacks
– Social engineering attacks targeting gullible employees have been on the rise. The attackers take advantage of the innocence, fear and confusion of people working from home, which is leading to a spike in malicious campaigns targeting remote workers. Phishing emails, business email compromise, spear phishing, malware and ransomware attacks have all been on the rise.
Endpoints attacks connecting to an enterprise network
– Endpoints connecting to a corporate network from home are attacked quite often by cyber attackers; these endpoints would otherwise be protected by enterprise network controls (Web Proxy, Advanced Threat Protection, Firewall, Network Intrusion Prevention). The endpoint itself may not have adequate controls to defend against advanced cyber threats, making it vulnerable. Remote access threats such as Remote Access Trojans (RATs), brute-forcing of VPN credentials and poorly configured home routers have been on the rise.
Attacks on BYOD
– Using personal devices for work purposes is another easy threat vector. Poor password practices and hygiene have accelerated these kinds of attacks. When a corporate asset is not available, staff are forced to use their own devices to deliver their work tasks and connect to the enterprise network. These personal devices often lack the security controls built into corporate assets, such as antivirus software, firewalls, cloud proxy and automatic online backup tools. This increases the risk of a malicious perpetrator making their way onto the vulnerable device and eventually gaining access to the enterprise network.
Attacks on shared or public Wi-Fi networks
– Not all staff will be working from a secure home Wi-Fi network; some may be using unsecured shared Wi-Fi networks (PG, public Wi-Fi), which are potentially vulnerable to malicious attacks from Internet traffic that could lead to compromise of endpoints.
How to prevent cyber attacks while working from home?
Awareness is the key to protection against cyber attackers. Even the most educated IT employees are prone to these threats. People must stay aware of the various scams in circulation by following cybersecurity news and organizational advisories. A set of processes and technologies needs to be introduced at the organizational level, and communicating and enforcing them with staff is critical.
Do’s and Don’ts at Personal Level
- Do not open attachments or click URLs sent through unsolicited emails and learn how to spot phishing attacks.
- Do not connect personal pen drives into USB ports without virus scanning. USB devices like pen drives could be infected with malware. It’s better to avoid connecting such devices at all.
- Do have a separate login for your use on personal devices to connect with the organization’s network.
- Do keep your device patched and up to date. Invest in a good malware protection tool.
- Do not visit unknown or shady websites while browsing to avoid drive-by download malware infections.
- Do not save sensitive company data on your device (ideally the company should configure devices in such a way that any copying of classified data is restricted). Use multi-factor authentication.
- Passwords are the first line of defence. Do use strong passwords, and don’t use the same password for different accounts, to avoid becoming a victim of credential stuffing attacks. Use a reliable password manager to keep passwords safe and to refer to them in case you forget. Avoid sharing logins with anyone.
- Do read and follow company advisories and requirements on patching, appropriate use of systems, applications, etc.
- Don’t assume things when it comes to data security and privacy. Always check with the information security team or IT helpdesk if in doubt. Always report any unusual activity on your laptop to the IT helpdesk for quick checks and resolution. The quicker you report, the better.
- Do change your wireless network name (SSID), disable WPS, turn off guest networking, and choose a strong security protocol such as WPA2 on your home router.
Do’s and Don’ts at Organization Level
- Corporate resources access should be via a virtual private network (VPN) – To secure data as it moves between your enterprise core systems and staff working from home, deploy a VPN. This will be an additional layer of security.
- Provision security protection – Don’t trust the home system. Before allowing a connection, review the system, and allow only systems with active and up-to-date security protection (Patches, Proxy, Antivirus, Firewall, Device Encryption).
- Ensure that software is up to date – Encourage staff to upgrade their software to the latest version supported under the company’s security policy.
- Re-emphasize basic security knowledge to employees – Provide security awareness to staff working from home regarding phishing emails, public Wi-Fi, securing home Wi-Fi routers and strong passwords.
- Implement multi-factor authentication – Multi-factor authentication is the most effective control to prevent unauthorised access to computers, applications and cloud services.
- Encourage staff to use trusted Wi-Fi – Using a free/shared Wi-Fi network may be tempting, but it can also put your information at risk. Free Wi-Fi by its very nature is insecure and can expose browsing activity to cybercriminals.
- Have continuous communication with staff – Cybercriminals and other malicious actors use popular and trending topics such as COVID-19 to spread wrong information or scam people. Impersonating, cloning or creating websites to look genuine is one way to do this.
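
The "provision security protection" item above, which admits only systems with active and up-to-date protection, can be sketched as a posture check that fails closed. This is an added example, not part of the original article; the field names, thresholds and sample reports are assumptions constructed for illustration.

```python
from datetime import date

# Assumed thresholds for illustration; set them from your own security policy.
POLICY = {"max_patch_age_days": 30, "max_av_signature_age_days": 3}
# Hypothetical field names for the controls the article lists.
REQUIRED_CONTROLS = ("antivirus_running", "firewall_enabled",
                     "disk_encrypted", "proxy_configured")

def evaluate_posture(report, today, policy=POLICY):
    """Return (allowed, reasons) for one device report. Fails closed."""
    reasons = []
    # Boolean controls: anything other than an explicit True is a failure,
    # so a missing or malformed field never grants access.
    for control in REQUIRED_CONTROLS:
        if report.get(control) is not True:
            reasons.append(f"{control}: not confirmed")
    # Freshness checks: reject stale, missing, or future-dated values.
    checks = (("last_patch_date", policy["max_patch_age_days"]),
              ("av_signature_date", policy["max_av_signature_age_days"]))
    for field, max_age in checks:
        value = report.get(field)
        if type(value) is not date:
            reasons.append(f"{field}: not reported")
            continue
        age = (today - value).days
        if age < 0:
            reasons.append(f"{field}: dated in the future")
        elif age > max_age:
            reasons.append(f"{field}: {age} days old (limit {max_age})")
    return (not reasons, reasons)

# Constructed sample reports (not real devices).
TODAY = date(2020, 6, 1)
COMPLIANT = {"antivirus_running": True, "firewall_enabled": True,
             "disk_encrypted": True, "proxy_configured": True,
             "last_patch_date": date(2020, 5, 20),
             "av_signature_date": date(2020, 5, 31)}
HOME_PC = {"antivirus_running": True, "firewall_enabled": False,
           "disk_encrypted": True,  # proxy_configured deliberately missing
           "last_patch_date": date(2020, 3, 1),
           "av_signature_date": date(2020, 5, 31)}

if __name__ == "__main__":
    for name, report in (("compliant", COMPLIANT), ("home_pc", HOME_PC)):
        allowed, reasons = evaluate_posture(report, TODAY)
        print(name, "ALLOW" if allowed else "DENY", reasons)
```

The returned reasons can be shown to the user or helpdesk so a denied device can be remediated rather than silently blocked.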