Reading Time: ~ 3 min.
We’re all
thinking about it, so let’s call it out by name right away. The novel
coronavirus, COVID-19, is a big deal. For many of us, the structure of our
lives is changing daily; and those of us who are capable of doing our work
remotely are likely doing so more than we ever have before.
It’s not
likely that cybercriminals will cut us a break during this difficult time of
quarantine and pandemic outbreak. If anything, we will only see an increase of
attacks and ransom amounts since this is when infrastructures of modern
civilization are needed most but have the least amount of time to react and debate
on paying or negotiating the price. Also, many of the cybercriminals who breach
and ransom as a side job are now forced to either work from home or their
shifts are completely canceled, leaving them with more time and motivation to
make up their income elsewhere. This is a prime circumstance for increased
cyberattacks, and individuals and businesses should be hyper aware of their
behavior both online and offline.
Not only are
phishing and ransomware attacks, which tend to capitalize on current headlines,
on the rise, but business email compromise (BEC) is also up. BEC is when a
cybercriminal breaks into a legitimate corporate email account and impersonates
the real owner to defraud the business or its partners, customers, or employees
into sending money or sensitive data to the attacker. With so many more people
working remotely and less able to verify emailed requests from coworkers as
legitimate, you can imagine how this threat could run rampant.
What follows
are some tips for staying safe, both for individuals in their personal lives
and for businesses with remote workers.
Cyber Resilience Tips for Individuals
What to do:
- Find information about COVID-19 at the official
sites of the World
Health Organization (WHO) or the U.S. Center for Disease Control (CDC). - Ensure you have antivirus protection on all your
devices, and that it’s up to date. - Exercise caution when providing personal
information. Be very suspicious of requests for personal information that occur
via email, phone, text message, or social media message.
What NOT to do:
- Do not open emails regarding COVID-19 from
unknown senders. These could be phishing
scams. - Do not click on links in emails regarding
COVID-19. Email links can be used to spread computer viruses and other malware. - Do not download or open email attachments from
unknown senders. These could contain viruses and other malware. - Do not click on links in social media messages,
even if they are from someone you know. Your contacts’ accounts may have
compromised. - Do not click on ads or social media posts
regarding COVID-19. They may be fake and contain malicious content.
Cyber Resilience Tips for Businesses
The best
defense is prevention. To prevent, you have to plan ahead.
Be prepared for remote work conditions.
Life gets in
the way. Between severe weather, personal emergencies, illness, and worker
wellbeing, employees need to be able to work from home for a variety of
reasons.
- Enable everyone to work from off-site locations.
- Ensure all employees feel welcome to work from
home when needed. - Install robust endpoint
security on all devices so employees and data stay safe. - Give all employees access to a VPN to help
protect corporate data, wherever they connect. - Implement measures to back up data saved on local devices while
workers are remote. - Add collaboration tools so teams can continue to
work together while physically separated. - Warn employees about phishing and BEC. Share the
Cyber Resilience Tips for Individuals we included above, and encourage
employees to be extra vigilant about unexpected invoices or other financial
requests. Even when we’re all remote, it only takes a quick phone call to
verify the legitimacy of an unusual request.
Be prepared for threats to your data.
From modern
cyberattacks to natural disasters and physical damage, there are a lot of
threats to your critical business data.
- Protect all endpoint devices, including
computers and servers, with next-generation
cybersecurity solutions. - Create a data backup process for data
availability at alternate business locations when the main office is closed. - Implement high-availability data replication and
migration safeguards ensure data is available, no matter what happens. - Add protection
for Microsoft Office 365 and other collaboration platforms so content
stored and shared in the cloud stays safe. - Use a solution that includes device monitoring,
tracking, and remote erase functionality so lost or stolen devices can be
located or wiped. - Empower employees to become a strong line of
defense by educating
them about cybersecurity and data safety risks. - Make sure to use RDP solutions that encrypt the
data and use 2FA authentication when remoting into other machines as the presence of an
open port with RDP was associated with 37% greater likelihood of a ransomware attack.
Our Commitment to Resilience
Rest
assured, we’re practicing what we preach. All of our global employees are able
to work from home securely. In these crazy times, it’s more important than ever
to redouble our focus on helping each other. At Webroot, we feel it’s our
social responsibility to do what we can to keep one another safe, both online
and offline. We hope you’ll join us in our commitment to resilience. Stay safe
and healthy, everyone.
The post Staying Cyber Resilient During a Pandemic appeared first on Webroot Blog.