Cyberattacks Have Increased During The Pandemic – Here’s What To Do
Drastic alterations to the way we work in the face of the coronavirus pandemic have created a sea change in technological requirements and cybersecurity concerns. Across our nation and beyond, armies of system administrators, network engineers, cybersecurity specialists, software technicians, and managed service providers are working around the clock to keep us connected and functioning like never before.
As we see more people move to a virtual office environment, we hear stories about security breaches and the downtime plaguing both organizations and end-users, primarily because their computer systems were not adequately protected. Cyberattacks went up nearly 40% in the month of March alone; April is likely to see similar if not greater increases in threats.
This article will discuss the cybersecurity problems faced by remote workers as they struggle to carry on during the COVID-19 outbreak, as well as the cybercriminal attacks that are rising during these times. We’ll conclude with some solutions that can help to close up security holes and avoid becoming the next victim.
The Bad News
The redoubling of cybercriminal attacks during the coronavirus pandemic poses a very real threat to organizations, both private and public. Hijackers are stepping their effects to take advantage of every possible lapse in security. End users are facing technical challenges and security risks in accessing needed data and systems.
The COVID-19 pandemic has forced a massive shift from work-at-office to work-from-home across businesses and public agencies of all types and sizes. Hazards and risks will continue to exist in the work environment as both technology and threats to IT continue to evolve faster than ever before. Cybercriminals are aware of all of this.
The Good News
The sky’s the limit when it comes to becoming a problem solver in the information technology sector. The need for more sophisticated technology solutions, cybersecurity, and capable IT professionals to help solve these problems is increasing daily. The IT sector is responding to this need with robust and effective ways to facilitate the new work paradigm safely, and MSPs are frequently leading the way, bringing to bear a hybrid of solutions that are supported in the information technology sector as an essential service.
Balancing cybersecurity with providing necessary access has proven difficult. Organizations and school districts all over the world are facing new security challenges as they work to provide access to remotely connected devices. The reality is that cyber-attacks are increasing every day as we shelter in place during the epidemic. Hackers and cybercriminals have stepped up their efforts, and are targeting not only you but the students in your home and your neighbors in your community. Overall, it seems as if things are getting worse every day. People are getting sick, losing their jobs, facing financial hardships, and becoming victims of ransomware and identity theft.
Millions of us can continue working remotely while staying at home, but the resiliency of home systems and networks, as well as those of employers, vary widely. The security of systems may not be up to standard, monitoring and access controls may be insufficient or lacking, routers and wifi networks may be vulnerable to hijacking, and so on. Despite the widespread reporting of constant cyber threats to both individuals and businesses, many remain clueless of the fact that they are a target, and sooner or later, they end up suffering costly or even fatal losses.
Absent proper security measures and controls, you can expect to be held back from your work because of ongoing problems that can require frequent updates, maintenance, and mitigation of damages. Not being in control can lead to data loss or any combination of issues that will only cost time, money, or worse. These problems can increase exponentially as more devices are connected to a network.
Internet Bandwidth And Stability
Due to the recent shelter-in-place orders, consumers have drastically increased their Internet usage via streaming of TV shows, movies, and online video games in the last few weeks. The shift from LAN (local network traffic like that contained within an office network) to WAN (wide-area network traffic, such as when workers connect remotely to their office network from home) has been so dramatic that the global Internet has felt its effects. Any remote location with more than one or two connected devices that are simultaneously utilizing Internet bandwidth can experience a network slowdown, which may negatively impact productivity. Internet Service Providers and tech companies are working together to strengthen internet connections and provide more available bandwidth in the face of this recently increased usage. You may even find that larger streaming companies such as YouTube, Netflix, and Amazon are automatically reducing their video quality to save some bandwidth.
Malicious hackers and scammers are blanketing the Internet with COVID-19 related spam and malware, including fake virus cures, phony stimulus paychecks, and other things based upon trending topics in the media during the pandemic. In the worst case, this new malware and spam can contain payloads designed to intercept and replace communication between the router and the network, effectively hijacking data. Other recently-discovered malicious code can change a router’s DNS settings, redirecting seemingly legitimate requests to a web server under the criminals’ control, thereby exposing your systems to port scanners, new hazards, and all manner of risks.
When working from home as an employee or a student, security and systems must be kept up to date. Vigilance in this area will keep the cyber threats, hazards, and risks at a minimum, so your home office technology can safely help you get things done.
Turn On The VPN
Some newer routers come configured with Virtual Private Network (VPN) capabilities. A VPN can mask your device’s IP address and encrypt all Internet traffic between your network and the remote destination. VPNs can also provide some degree of anonymity for any websites that you visit.
Secure Your WiFi Network
Selecting the most secure encryption will shield you from unwelcome connections that may be using your WiFi network for illegal activities. WPA2 is currently the most widely available standard that offers strong encryption for your WiFi network.
Set Up An Additional Network
Separating traffic by network is a great tactic that can help you to control access and potentially reduce problems, especially if you have that extra roommate, student, or other guest users in the house. You do this by enabling your routers “Guest Network” option, or by simply setting up another WiFi router. This segregation will also help separate your central computing systems from your personal gadgets and smart home appliances. With this virtual zoning of your network, you can still allow all your devices to communicate with each other under your control.
Test Your Firewall
Testing of your firewall is time well spent and can go a long way toward keeping attackers from accessing your systems and networks. Look for features under your router’s advanced settings: NAT filtering, port forwarding, port filtering, and service blocking. As a general rule, best firewall practices involve minimizing your “attack surface” by blocking inbound access to all unused ports and services on your network, while leaving just the outbound “holes” open that are required to get your work done.
Use Parental Controls
Most routers have built-in content filters and time-based restrictions that can be applied to specific devices on your network. Keep in mind that the most sophisticated filters can take a bit of technical skill to configure. However, most modern routers have made these types of features easy to use, even for the non-technical among us.
Install Anti-virus Protection
New viruses are being released into the wild on an ongoing basis. Effective anti-virus protection will keep up with the latest threats and protect your critical systems from scanners, browser hackers, malware, known bots, ransomware, trojan horses, worms, and much more. Use a reputable anti-virus product, and install updated virus signature databases as soon as they are made available (most modern products will do this automatically).
Back Up Your Data
The purpose of data backup is to protect important files in the event of a system crash or hard drive failure. Even a partial loss of information can be catastrophic to your business. Your data and servers require protection against disaster with an industry-proven backup solution that offers broad-based support of operating systems. Important files should be backed up at a minimum of once per week, preferably once every 24 hours. Bare-metal restoration images should also be captured regularly so that an entire server or desktop can be rebuilt if needed. Additional backups can be configured as desired to protect against natural or man-made disasters.
Teleconferencing And Video Calls
If you have to download and install any software for teleconferencing, be aware of typosquatting risks, and verify sources before proceeding to download. Never download conferencing software from anywhere other than trusted sources. Criminals are spoofing legitimate websites and stacking them with malicious malware payloads.
Work smart when working from home
Make security awareness a top priority and stay up-to-date with the latest news of cyber threats. Ensure all end-users in your purview are receiving the information they need, and verify that they are complying with any protocols and procedures put in place. Be wary of suspicious emails, particularly those that urge you to click a link or open an attachment. Using complex passwords and limiting company-owned devices to strictly work-related use are some of the most appropriate ways to work safely during this emergency.
Outsourcing Information Technology Infrastructure
Modern IT is a complex and sophisticated business. While the creators of home and workplace technologies have taken great pains to maintain an illusion of simplicity, most things are still much easier said than done. If you do not have years of experience in the IT sector, then it may make sense to outsource the responsibility of maintaining your technology infrastructure to a managed services provider (MSP). Doing so from the outset can prevent many problems because everything will be set up correctly at the start. A qualified MSP will implement a regimen of ongoing updates and maintenance that can increase the speed and efficiency of your systems. The emerging trend among MSPs is the use of the latest, highest-performing cloud technology to completely centralize, simplify, and secure all of your computing data storage and communications. Once all of your office systems are connected to your MSP’s cloud environment, end-users both at home and in the office can perform their work from just about any device that has a connection to the internet, without compromising security or control.
Utilizing an MSP for your business IT can eliminate the headache of deploying and maintaining your own IT infrastructure while providing your business with a dedicated staff of IT professionals to support your systems. The benefits of outsourcing IT to an MSP include continuous protection, staying up-to-date with the latest state-of-the-art technology, automatic updates, and mitigation of cybercriminal related hazards and risk. MSP experts can plan and execute all phases of your business technology, including onboarding and off-boarding end users at your disposal.
What to expect from a Managed Service Provider
Outsourcing to a competent MSP can be the fastest and most effective way to create a secure and functional virtual office environment for organizations of all sizes. Moving to a virtualized office technology model and leveraging the services of an MSP can maximize productivity while strengthening security and minimizing your potential attack surface. A sample of the benefits conferred would include:
- Control of costs
- Flexibility and scalability
- Improved time management
- Automation of many tasks
- Enhanced IP security
- SLA / service availability guarantee(s)
- Expert consultation
- Custom server and PC builds
- Cloud-based solutions
- Backup and disaster recovery solutions
- Network monitoring/setup/access controls
- Large team of IT professionals
- Website construction/e-commerce
- Web presence hosting and maintenance
- On-site or remote and server support, installation and troubleshooting
- Business communications, email and messaging services setup
The pandemic has resulted in many uncertainties in the near-term outlook for business, but the security of your organization’s network, systems, and data shouldn’t be one of them. Educate yourself on potential security threats, run penetration tests and vulnerability scans often, and make sure to stay on the lookout for everything from phishing emails to malware attacks. Perhaps most importantly, those businesses that lack a dedicated internal IT and security team should reach out to an MSP to ensure that their systems will meet the requirements of the new normal without exposing themselves to undue risk.