As if there isn’t enough to worry about today, cyberattacks have increased since the pandemic began. From January to March, AT&T Alien Labs Open Threat Exchange (OTX) saw 419,643 COVID-19 related COI. With these defensive tips, we will help you stay out of these numbers.
Keep in mind that there was a 2,000% increase from February to March.
Cybercriminals preyed on the switch to remote work and increased their attacks by 40% in just a month.
Among the most common attacks are the kidnapping of domestic routers and phishing. In the latter, OTX detected an increase of 500% due to the relevance of the subject: COVID-19.
Another alarming fact is the suspicion that of the 4,000 new domains related to COVID-19, many have criminal intentions.
We are all affected
Both large and small companies are in a bad place right now. It is not easy to manage a remote workforce. But asking the staff to return to the office could worsen the health crisis.
Having them work at home keeps your employees safe. However, it creates a much larger cyberattack surface that criminals can exploit. Besides, trying to secure every employee’s home against cyberattacks is an IT manager’s worst nightmare.
For most companies, the new remote working environment introduces a whole new security landscape.
How can we strengthen our cybersecurity?
In the long term, this situation will strengthen cloud security and increase the use of zero-trust models. But all this won’t happen until a few years from now. What can we do now
In the short term, we present these defensive tips to make your IT environment more secure. Although these are basic concepts, they are as important and easy to put in place.
Defensive tips: Social distancing = Digital distancing
In general, those who use a home Wi-Fi network are users with no cybersecurity experience.
If one or more members connect to the office remotely, it leaves openings for other users. Children and adults who can access the Internet through that home network become potential dangers.
The easiest solution that your employee can apply is to divide the Internet access to their home. They should try to prevent children and adults alike from playing video games, checking their email, and downloading movies on their network. Isolating the session in the family member’s office is vital.
An extra step in these defensive tips is to avoid logging in on the same connection used by home IoT devices. Smart thermostats, wireless doorbell cameras, and virtual personal assistants are potential access points.
Also, isolating a home network connection does not require particularly deep IT skills. Many affordable home and office routers offer different VLAN support. What’s more, most Wi-Fi kits offer the ability to set up a “guest” network.
If all this fails, IT departments can provide simple instructions to employees working remotely. Teaching them how to configure this on common routers demonstrates the importance of this step.
Defensive Tips: Provide your staff with their own lightweight mobile devices
In the office, your IT department employs all kinds of controls on computers to prevent attacks. However, when your entire company switches to a “BYOD” environment, how do you react?
Do you know how much malware exists on your employee’s home devices? Can you invest weeks of work in each of their computers?
The variability in each computer and laptop makes them more difficult to protect.
It is common for people to download links from untrusted sites and install all kinds of software. And we all know that this type of user is the number one vulnerability for a company.
If your remote workers use lightweight devices (smartphones, tablets) they increase your security. Besides, you can send them these defensive tips so they realize the importance of cybersecurity.
First, your employees can use mobile data to work and forego their home network. Second, they can pair these devices with the manufacturer’s security software to keep them secure.
Configure these devices so that they can install only verified software. Ensure they come only from official sources and secure applications. You can even configure your company’s store as the default permissions.
Cyberattackers find it difficult to infiltrate these kinds of environments. Besides, manufacturers polish their vulnerabilities periodically. When app stores find a vulnerability, they patch the software to remove the threat.
It’s true: These devices are not foolproof, but they are much easier to keep “clean” in a remote environment.
Defensive tips: Moving to the cloud always generates benefits
It’s a fact: It is time to forget about software installed in physical spaces and move to the cloud. If you haven’t, let this change in your priorities be the boost you need.
Software as Service solutions is the new trend for their benefits. They can improve your customer relationship management, office productivity, and even creative work. In addition, they usually have much better prices than traditional software.
Yes, these platforms are not infallible. But there’s a team behind these companies working alongside you.
A good combination
When working with lightweight devices and SaaS applications in the cloud, you reduce your attack surface. Also, note that cloud providers have a protection infrastructure, you are responsible for protecting your applications.
Good administration generates good results
Currently, countless tools help companies, especially in the remote aspect. Yet, the best way to achieve this is through the Security Information and Event Management (SIEM).
A SIEM tool is an instrument that generates centralized reports, incident response, compliance reports, etc. These systems currently collect security log events within a company and store relevant data.
One of the best tools that we can recommend is Rapid7. This tool combines the best of two worlds: SIEM solutions and behavior analysis.
This results in a powerful SIEM tool called InsightIDR. It is an instrument that goes beyond traditional security approaches.
InsightIDR only allows companies to expect internal threats; it also covers a wide spectrum of external threats.
If you want to learn more about SIEM tool benefits or productivity, contact us. We offer the best tools on the market. Our team is here to advise you and help you on your way to a more efficient IT environment.