Brace for more cybercrime as you work from home, experts warn
Expect a significant spike in ransomware attacks and phishing scams during the coronavirus lockdown period, predicts Terence Govender, director of the IT advisory division of international advisory firm Mazars. He believes cyber criminals will take advantage of the fact that people and businesses will be working remotely during the lockdown period, as this creates a "perfect storm" of less security and more time online. Be especially wary of which websites one visits, he suggests - and resist the urge to download any coronavirus-related apps. Rather use certified news platforms to receive updates, as there have already been reported cases of malware that has been written into so-called Covid-19 applications.
Who's at risk? "During lockdown, people are likely going to be spending a lot more time online, which might just be creating the perfect storm for opportunistic cyber criminals. This is especially concerning for smaller businesses with employees working from home for the first time," warns Govender. "While all businesses are at risk of cyber attacks, SMEs tend to be most vulnerable as they typically have fewer measures in place to protect their systems and data." He expects another major target will be businesses operating in the medical, health and pharmaceutical industries – where cyber attackers are already claiming vaccine formulas in return for cryptocurrencies such as Bitcoin.
Attacking the vulnerable
Alexander Eremin, an expert at international cyber security firm Kaspersky, says cybercriminals have, for months, attempted to take advantage of the coronavirus crisis by launching phishing attacks and creating coronavirus-themed malware. "We encourage Android users to be particularly vigilant at this time - pop-ups, unfamiliar webpages, and spontaneous messages about coronavirus should always be viewed skeptically," warns Eremin. He suggests only downloading apps from official stores. Don't click on suspicious links and never give away sensitive information, such as passwords or credit card information.
'Keys to the cabinet'
Louis Aucamp, managing director at Equality Group and an intuit QuickBooks trainer, cyber attacks are set to increase as much as tenfold in SA as people work from home. "Businesses also need to protect themselves from the 'inside' by creating varying levels of access to their data," he warns. "This is not unlike giving certain staff members keys to the payroll cabinet in years gone by." Richard Rattue, MD of Compli-Serve SA, says it is vital for businesses to keep their cyber security systems up to date. "Cyber criminals are clever and may penetrate your defences despite your best efforts.
"The IBM 2019 Cost of Data Breach Report surveyed 21 businesses in SA and the average total cost of managing a data breach was found to be R43.3 milion." The South African Banking Risk information Centre (Sabric) estimates that SA businesses suffer a total of about R250 million in losses each year due to phising attacks and internet fraud. Fewer defences Henda Edwardes, executive head of carrier and connectivity at Vox, says it is a given that people working from home have fewer security defences in their home network than they would have in the office. "Coupled with the stressful times and possibly more distractions at home than usual, it creates a situation where employees are (more) likely to fall for malicious scams and hoaxes," sayd Edwardes. "Also, with more children at home now using streaming services and video games, the home network is further compromised." Heino Gevers, cybersecurity specialist at Mimecast, says experience has shown that there is a general escalation in cyber criminals' activity during times of distruption. "Already, malicious criminals are spreading disinformation with the sole purpose of creating panic. Once panic sets in, rational thought goes out the window and that creates gaps that cyber criminals exploit," he says. "Suddenly there is an increase in false specials and sales for in-demand products like face masks that are being promoted online, for instance." He says the web is used in 91% of malware attacks. It is also the top distraction for employees in the current situation.
According to Elizabeth Moreno, managing director of HP Africa, a KnowB4 survey in African countries, including South Africa, found that 53% of respondents think that trusting emails from people they know, is good enough to preclude them from security threats. About 28% of respondents said they had malware infections and 52% don't know what multi-factor authentication is, while 64% don't know what ransomware is. About 55% said they believe they would be able to easily identify a security threat. Simon Colman, executive head of digital at SHA, says high volume of traffic during the current remote working situation, may lead to some companies easing up on some security requirements, exposing the network to external threats.
Tips to minimise risk include the following:
Ensure that all employee laptops have up-to-date anti-virus software and that all systems, including emails and USB ports, are enabled in order to be scanned;
Ensure that the relevant virtual private network (VPN) software is enabled and/or two factor authentication (2FA) is implemented. This is a multi-factor authentication method needed to access a computer;
Where possible, ensure that hard disk encryption with maximum password requirements are applicable;
Ensure that the remote work security policies are the same as working on the network in the office;
Deploy collaboration software on laptops ahead of time and advise staff against downloading and/or configuring software independently or via instructions;
Remind staff to change their passwords as per the password policy and do not allow for an extension of the period for password changes;
Remind staff not to open any suspicious emails or emails from unknown sources at this time;
Stay clear of transacting on sites that do not have the https: in the URL. The S at the end of HTTP, means that the site offers some security;
Install browser protection to prevent staff from accessing unauthorised or dodgy websites;
Set up strong junk mail filters;
Make regular, different backups;
Follow up on notifications of data changes or log-ins;
Never share your password(s) with anyone and change them often;
Remember, prevention is better than cure.