The COVID-19 pandemic has changed as we know it, and there is no doubt about that. Since we are compelled to say at home, to reduce the spreading of the virus, it means most of our activities have moved online. We shop online, we watch movies online, and we also work online.
Staying at home is supposed to protect us, but it can also open the door to other threats – cybersecurity attacks. Companies are doing the best they can to protect themselves from potential attacks, but ultimately it is up to the users themselves to learn how to spot threats and don’t fall prey to phishing attacks.
Usually, employees are presented with a set of rules for safe online communication when using corporate devices, but these rules tend to be enforced less when users bring their computers home. This leaves sensitive data exposed and becomes a cybersecurity risk that companies find hard to eliminate.
Securely working remotely
At its core, cybersecurity is not a hardware or software problem, but a human problem. It is the user in front of the screen that exposes the device to threats. Cyber-attackers know that very well and use a variety of techniques to trick users into giving out sensitive information.
Gone are the days when you could spot a sketchy website or email. Now malicious websites can look just as good, if not better than reliable sources, and can easily trick the untrained eye. This is why, now more than ever, users need to be very careful when accessing links or emails or direct message attachments.
In order to safely work from home, people need to improve their security habits. Even though phishing campaigns are constantly exposed to media, they are still very effective, as people rarely verify the legitimacy of the sender. This way, they end up clicking malicious links, download compromised files, or enter their credentials into fake websites.
- In order to avoid such issues, users and companies can do the following:
- Ensure that the person sending the email is who they claim to be
- Only use official methods of communication such as email to communicate
- Use shared file systems such as DropBox or OneDrive to send and receive files
- Use a VPN service to set up a hosted server on a private network and instruct employees to use these servers only.
Corporate security teams have a lot to deal with
Ransomware attacks use software that blocks the original user from accessing a computer system, with the attacker demanding payments to give back access to the user. Recent reports have shown a 148% increase in ransomware attacks in March, compared to the previous month.
This happens because corporations need to change their networks to allow employees to work from home. This makes it much easier for attackers to access corporate servers and do their malicious jobs.
Most companies use VPN services, but these networks need a lot of maintenance as well, and security teams are doing their best to keep things going as smoothly as possible. For some companies, working hours have been modified, meaning VPNs are now used at all hours of the day. This makes it hard to find a time slot when updates can be installed.
Ransomware attacks have hit hospitals hard in the past month as if they didn’t already have a lot on their hands. The Champaign-Urbana Public Health District had computers shut down for three days last month, as hackers demanded $300,000 in ransom. And this does not happen to the U.S. alone. In the Czech Republic, a cyberattack shut down computers at a university hospital, forcing the facility to turn away patients.
This does not happen because hospitals and healthcare facilities are necessarily more exposed, but because such attacks have more severe consequences and attackers know how to leverage that.
How is the Bay Area holding up?
The California Consumer Privacy Act, which took effect on January 1 this year, is the most extensive internet privacy law in the U.S., as it gives users new rights to control how their personal information is sold to and used by third parties. However, to give companies time to prepare, the new act won’t be enforced until July 1. And even though this can potentially reduce hackers’ access to users’ personal data, there is still a lot to work on.
The Bay Area has been hit by some serious cybersecurity attacks in the past month. Students in both Oakland and Berkley had their privacy compromised when an unknown man gained access to a Zoom video conference where high school students were taking online classes. All video conferencing with students was banned in the district until security could be ensured.
In Oakland, hundreds of access codes were accidentally exposed by administrators, giving anyone access to Zoom video conferences and student data. Oakland officials were initially unaware of the exposure.
But the incident that was covered most by media was the cyberattack at the San Francisco Airport. Hackers managed to compromise two of the airport’s websites and get access to users’ credentials. But surprisingly, they were not after the credentials used to login to the websites themselves, but rather users’ Windows device credentials. The malicious code has since then been removed, but officials advise users to change their Windows login passwords immediately if they so much as visited any of the two websites.
What can companies do to improve cybersecurity?
As technology advances, so do cyberattack tools, meaning outdated security measures don’t stand a chance against attackers. Cybercrime is evolving fast, so companies need to invest in modern security systems to keep unwanted eyes out of their networks.
Predicting attacks has become difficult, and what businesses need to do is invest in AI and data-driven tools that allow a better understanding of what is considered “normal behavior” in their digital business sector. Understanding these behaviors helps companies monitor and detect emerging threats, even when attacks become more sophisticated.
Advanced cyberattacks must be met with advanced security if we want to stand a chance against them.