The world is currently experiencing a global misfortune in the form of the COVID-19 outbreak. Many countries have already gone into lock-down and self-isolation seems to be the recommended advice for most. This means that businesses have to deal with absent employees or embrace teleworking, which is also referred to as remote working.
Remote working, however, may come with new challenges for an organisation. One of these new challenges is information security. Remote working increases the attack surface (the ways in which intruders can attack a system) of an organisation. By connecting to networks and using spaces that don’t belong to the organisation, workers are exposed to threats that they may not be completely prepared for. It is therefore important for employees and employers to follow guidelines that seek to protect the information of an organisation while working remotely.
Remote working is not a completely new concept, and some of these guidelines can still be practised post-pandemic. However, I want to stress two types of attacks that I predict may become prevalent during the pandemic.
Coronavirus based Phishing Campaigns
Coronavirus based phishing campaigns are already becoming popular in cyberspace. As early as the beginning of February, a phishing email campaign aimed at spreading the Emotet malware was discovered by security researchers. These emails will either entice you into opening an attachment or claim to give you an update on the spread of the virus if you click a link. Clicking the link can trigger the download of malware or spyware onto your system.
It is therefore important for you to be cautious about any email or SMS that has anything to do with coronavirus. Before you click on a link in the email, check whether the source of the email is valid. That means you should check whether the sender is indeed someone you would expect to receive an email from. Cyber-criminals usually use spoofed email addresses to send phishing emails. A spoofed email address is simply an email address that looks like a legitimate address but is not. An example of a spoofed email address is “[email protected]”. The attacker has simply substituted the letter “O” with the number “0”. In some fonts this may be very difficult to differentiate, and that is why you should always be vigilant. Security starts with you.
Other precautions you can take in relation to this are:
- Don’t forward emails on this topic.
- Only read messages on this topic from government sources and health institutions.
Business Email Compromise (BEC) Attacks
Business Email Compromise attacks are attacks in which an attacker sends an email to an employee claiming to be a supervisor, manager or CEO and requests an urgent action such as sending payroll information or sharing login credentials. The attacker in this case also uses spoofed email addresses, so it may be difficult to notice whether the email is from a legitimate source. The attackers know that employees are more likely to obey their superiors and use this against them.
When you receive “URGENT” emails, always confirm that your superior actually sent the email, especially if you are working remotely. Check the sender’s email address and the email ID to ensure the email is from a credible source. Since you are working remotely, if the requested action involves releasing funds or sharing credentials, make it your responsibility to call the individual requesting the action and find out whether they actually sent the email.
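The sender check described above, and the “O” versus “0” substitution from the phishing section, can be automated as a mail-filter rule. This is an added example, not code from the original post; the trusted domain and the sample From: headers are constructed placeholders.

```python
import re

# Constructed placeholder for the organisation's own mail domain.
TRUSTED_DOMAINS = {"example-corp.com"}

# Characters that are hard to tell apart in many fonts, folded to one canonical form.
_SINGLE = str.maketrans({"0": "o", "1": "l", "|": "l", "5": "s", "3": "e", "4": "a"})

# Matches 'Display Name <user@domain>' with an optionally quoted display name.
_FROM_RE = re.compile(r'^\s*(?:"?(?P<name>[^"<]*?)"?\s*)?<(?P<addr>[^<>\s]+)>\s*$')


def skeleton(domain: str) -> str:
    """Fold look-alike characters so a spoofed domain collapses onto the real one."""
    folded = domain.lower().translate(_SINGLE)
    return folded.replace("rn", "m").replace("vv", "w")


def split_from(header_from: str) -> tuple[str, str]:
    """Split a From: header into (display name, address); bare addresses have no name."""
    match = _FROM_RE.match(header_from)
    if match:
        return (match.group("name") or "").strip(), match.group("addr").strip()
    return "", header_from.strip()


def check_sender(header_from: str) -> str:
    """Classify a From: header as trusted, lookalike_domain, display_name_spoof, external or malformed."""
    name, addr = split_from(header_from)
    if addr.count("@") != 1:
        return "malformed"
    domain = addr.rsplit("@", 1)[1].lower()
    if domain in TRUSTED_DOMAINS:
        return "trusted"
    # A domain that only matches after folding confusables is an imitation, not the real one.
    if skeleton(domain) in {skeleton(t) for t in TRUSTED_DOMAINS}:
        return "lookalike_domain"
    # A display name that shows a trusted address while the real address is elsewhere.
    if any(t in name.lower() for t in TRUSTED_DOMAINS):
        return "display_name_spoof"
    return "external"


if __name__ == "__main__":
    for header in ["Alice <alice@example-corp.com>", "CEO <ceo@example-c0rp.com>",
                   '"ceo@example-corp.com" <ceo@mail-relay.example.net>', "bob@partner.example.org"]:
        print(f"{check_sender(header):20} {header}")
```

Anything other than "trusted" should be surfaced to the recipient (for example with a banner) rather than silently dropped, since legitimate external mail is common; the phone call the text recommends remains the final check.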
Other Precautions to Take
- Connect to a secure WiFi while working. Don’t use public WiFi.
- Don’t work in shared spaces where what you’re working on can be viewed by others.
- If you must work in a shared space, don’t leave the work computer unattended because physical theft is also a security threat.
- Follow security policies put in place by your organisation in regards to working remotely.
- Don’t work on your home computer and don’t entertain yourself on the work computer.
- Always have an updated anti-virus on your computer.
- IT teams can use Mobile Device Management (MDM) or Mobile Application Management (MAM) solutions to control how an organisation’s devices are being used.
For more guidelines, ENISA, the European Union Agency for Cybersecurity, has released guidance for employees and employers on working remotely during this time.
Take care of yourselves and others around you. Happy self-isolating.