With the increase in the number of people infected with a new coronavirus infection many companies transferred their staff to remote work. This means that employees - ordinary people - have begun to use personal PCs and mobile devices for work. These systems are more vulnerable simply because they have a lot of related software installed. And as a result, the number of cyber-attacks began to grow, and the business faced a new wave of cyber threats.
The attackers' methods have not changed, but the schemes have been adapted to the new realities. Increasingly, the attention of hackers is attracted to small and medium-sized businesses because they cannot always afford serious IT protection.
Before we talk about the methods and forms of security for small business, let's take a look at the "weaknesses" when working from home.
Working at home, you can’t look into the next office and ask a colleague about something, and you won’t be able to hold a planning meeting in the usual “face to face” mode. Now you need to call, write, and organize an online conference. And just applications for communication can become a convenient place for an attack.
Skype, Microsoft Teams, and Zoom have become very popular in 2020, but they are quite vulnerable.
Social attacks in messengers
Many former office workers find themselves confused when they start working from home. They are accustomed to turning to IT specialists for help in case of any network problems or other problems with office equipment.
Hackers understand this and often use it. They contact users via messengers, posing as technical support specialists, data security services, and so on. Credulous people as a result of such communication can give fraudsters access to corporate data or install malware.
Another weak point in personal computers is browsers. They endlessly reveal places vulnerable to a hacker attack. However, during a pandemic, developers cannot fully concentrate on the development of updates and new degrees of protection. On the contrary, attention has been shifted from this task to other areas. As a result, hackers have more and more time to break into older versions of browsers.
In a pandemic, each of us wants to keep abreast of developments. In this regard, many applications have appeared that broadcast up-to-date information about the coronavirus to their users. The catch is that for the most part they represent official information and do not arouse suspicion. However, they require a wide range of permissions to install. Thanks to this, attackers can steal user card data, personal data, commercial information, and so on.
Cyber attacks with extortion
Ransomware attacks have increased in 2020-22. It may come as an update in a phishing email, and users who are interested in it are likely to follow the link and install a malicious file. The ransomware then encrypts the data and demands a ransom for the ability to decrypt it.
How to protect yourself from cyber threats
Year after year, hacker attacks are becoming more inventive. Artificial Intelligence and social engineering methods come into play. The modern world is increasingly gravitating towards the fact that cybersecurity has moved from a highly specialized area to a section of general knowledge.
Today, every employee of the company should have an idea about cyber threats and, at a basic level, understand how to deal with them. Here are just a few tips to help protect your communications and safeguard business information from intruders.
The best solution to protect your employees from these threats is to provide them with corporate laptops with security measures installed (like Cisco AnyConnect, etc.). In this case, the degree of protection will be close to the office.
The second suitable option is terminal access to the corporate network (RDP) and provision of access to a virtual workplace (VDI). This approach involves working through the access window of a home PC directly on stationary office equipment. To implement this form of work, you only need to install a client program. In this case, large companies use solutions from Cisco or Microsoft Remote Desktop for remote desktop access.But don't limit yourself to a VPN connection and remote access. Here are some additional tips on how to protect your business and employees from hackers:
1. Don’t neglect antivirus protection
Without a properly functioning antivirus, it is impossible to talk about anti-malware security. It will automatically protect you from many threats and remove viruses that have already entered the system.
2. Don’t disable built-in security
Modern versions of operating systems already have built-in protections that are aimed at ensuring the safety of your device. For example, Windows 10 has a dedicated Windows Security panel that provides built-in virus and threat protection, network connection protection, browser protection, and account protection.
3. Use URL filtering
It is this function that will prevent visiting malicious sites by notifying the user in advance about fraud. In modern browsers, the dangerous content warning feature is already enabled by default, but it's worth checking and making sure.Using Google Chrome as an example, if you try to open an insecure site, the browser will warn you about it. Sites suspected of phishing or distributing malware are considered unsafe.
4. Activate Automatic Updates
In programs, bugs are discovered day after day, with which developers successfully fight. Do not forget that after installing the update, the program is more secure than before.
5. Back up your data regularly
It is better if the copy is created on a network drive and also in cloud storage. This will give you the ability to access information even if cybercriminals still manage to attack your software.
6. Set up an additional communication channel with employees
When you go remote, update your database of phone numbers and find an alternative way to communicate in case the company comes under cyberattack.
7. Prevent employees from using public Wi-Fi
Connecting to a public Wi-Fi network is always a risk. Most public hotspots are not secure in any way. They are installed so that visitors stay longer in cafes and shopping centers. At the same time, no one thinks about the personal data of users.
8. Check who sent the letter in the corporate mail
A phishing email comes with malicious attachments, including ransomware. You need to be vigilant and not open files or links if you are not sure about the senders. Check the sender of the letter, text, attachments, links, and running programs.
9. Use only licensed software
Use only licensed software. A malicious file can simply be downloaded somewhere: there are many websites with unlicensed software. If you need a reliable screen recorder for work or something else, we recommend downloading programs, including free ones, from official sources to avoid the risk of system infection.
10. Don’t keep passwords in an easily accessible place
Store them in dedicated apps like KeePass.
12. Make friends with a VPN
Use a virtual private network (VPN) that will hide your IP address and encrypt all communications, thereby protecting you from cyber attacks. Security is always important, but it is especially critical when working from home with sensitive information.