Product companies always deal with unfamiliar situations. Since companies are running their operations remotely, opportunistic threat actors have increased their attacks which has increased the importance of cybersecurity.
During the COVID-19 pandemic, it's important that pre-emptive steps are taken to ensure the security of your business operations. Cyber attackers are more active than ever and are exploiting human nature and system vulnerabilities.
While working from home, employees and systems may be exposed to lost WiFi networks and unsecured devices. Security professionals are facing a unique set of challenges during this time and have already begun to see the consequences of coronavirus-themed threats.
|
Browser-based attacks via malicious plugins
|
|
Remote desktop tools offer a new surface of attack
|
|
60% of data breaches are caused because the victim has not yet patched. Only the systems in VPN can be patched
|
|
Intruders are taking advantage of Distributed Denial of Service (DDoS) when engineers are working remotely
|
|
Phishing scams by emails and attachments with the subject coronavirus or COVID-19
|
|
Engineers are using personal devices to access official documents, which adds to the vulnerabilities that may be detected in secured office premises
|
|
Video conferencing tools, healthcare, and education domains have become the main targets for cyber attacks
|
Remote Work Policies
Establish and communicate clear remote work policies, including guidelines for secure access, device management, and data handling. Continuously update your security policies and procedures to adapt to evolving threats and circumstances.
Follow Organization’s Security Guidelines
Only keep official data on work computers, do not click on any unknown link from unknown senders
Use VPN Services
A VPN ensures your data will be encrypted, regardless of the network settings.
Regular Software Updates
Ensure all software, including security and operating systems, is updated with the latest patches.
Use MFA
Add an extra security checkpoint, such as confirming a login via password via Okta authentication, Google authenticator, Yubikey, etc.
Encryption Software
This will prevent unauthorized access to data in case a device is lost.
Remote-wipe Apps
You can erase application data if the device goes missing.
Awareness
Be aware of the threats from phishing attacks, malware, and viruses associated with COVID-19
Strong Passwords
Enforce strong password policies and encourage password changes, especially for remote access accounts.
Phishing Protection
Implement email filtering and phishing protection mechanisms to reduce the risk of social engineering attacks.
According to a “Markets & Markets” report, the cybersecurity market will grow from $183.2 billion in 2019 to $230 billion by 2021 at a CAGR of 12% amidst COVID-19.
FortiGuard Labs has reported 600 new phishing campaigns daily, a 131% increase in March 2020 as compared to last year.
We would love to hear your feedback, questions, comments and suggestions. This will help us to make us better and more useful next time.
Share your thoughts and ideas at knowledgecenter@qasource.com