With the global health crisis forcing people worldwide to work from home, there is increasing evidence that malicious actors are using peoples’ fear to prey on remote workers. Home networks, actions of family members and the security of workstations can impact your company’s security.
There are some simple steps companies can take to keep safe. First, you must increase your awareness of current attacker activities and tactics to avoid falling victim to their schemes. Second, you must use secure workstations when working remotely.
Attackers are already taking advantage of the current crisis and our strong desire for information and answers. They are using a variety of tactics, but the most common attacks observed are:
■ Phishing Emails – Bad actors are sending emails impersonating trusted sources of information, such as the World Health Organization (WHO) or the Centers for Disease Control (CDC), health organizations, universities, government entities or other official sources to trick recipients into clicking links or opening attachments that can compromise credentials or infect devices with malware.
■ COVID-19 Website and Interactive Map – Bad actors have registered domains and launched sites that host information about COVID-19 or show interactive maps detailing the spread of the virus. Attackers have laced many of these unofficial sites with malware, which commonly leads to ransomware, credential theft or persistent remote access to workstations.
■ Malicious Apps – Attackers are creating malicious mobile device apps and deploying them to different app stores, mostly Android.
To ensure your new work environment is secure when accessing company systems, data and networks, follow the guidelines below:
■ Modern Operating System – you should use a company-managed workstation or personal device with a supported operating system (OS)
■ Patched Operating Systems – be current on OS upgrades and patches (no more than 30 days since last patch application) for any workstation from which you conduct business
■ Patched Browser – use a vendor-supported and fully patched browser
■ Current and Enable Antivirus – have Antivirus software installed and operational on any workstation.
Remain vigilant while reading emails and messages or web browsing; and be aware of common phishing techniques. Exercise heightened caution while engaging with COVID-19 based content. In these challenging times, please view information on COVID-19 from well-known, reputable websites such as WHO or CDC or other government websites.
Stay connected to a VPN Client when working from any laptop or desktop, because additional security protections have been added to prevent malicious attacks. Avoid public network access points (shared Wi-Fi spots like coffee shops) and stay on your home network anytime possible. Confirm in your wireless router or cable modem that your home Wi-Fi is secured with WPA2 or WPA3. Ensure insecure features like UPnP are disabled and default logins to Internet of Things (loT) devices (smart doorbells, wireless cameras, robot vacuums, thermostats, etc.) are changed.
■ Authentication Security – protect personal accounts with two-factor authentication security, staying vigilant with interactions on online platforms. Use strong passwords and a password manager.
■ Data Security – work on documents within company-provided cloud applications to make sure data is safe and being backed up. Do not store company data on personal devices or your computer’s hard drive.
■ General Security – lock your personal computer when walking away from it (Win+L on Windows or Command+Control+Q on Mac).
■ Using unsupported communication platforms to conduct business
■ Installing COVID-19 related apps on mobile devices
■ Leaving your business accounts logged in on a shared system(s). Instead, log out completely when you have finished your work
■ Using your personal email(s) accounts to conduct
business.
■ Connecting unknown and untrusted devices (USB sticks, peripherals, etc.) to workstations with access to company networks and systems
■ Installing unknown or untrusted software that may put your workstations at risk (unsupported remote desktop, etc.)
■ Waiting to report any adverse events or suspicious activity identified with workstations to your managed service provider
■ Using file share (p2) and other high-risk applications on workstations that have access to company services, systems or data.
Steve LaPha, a 30-plus year veteran of the computer industry and started with Dytech Group 18 years ago as a Network Engineer. He came from the government computer sales and service industry where he owned his own computer business for 15 years supplying personal computers to NASA at the Kennedy Space Center. Steve was promoted to Service Manager, General Manager and now Vice President of operations. He works along with Dennis Bell, the President, running the business and supervising ten employees. The primary business is providing Managed Services to small and medium size businesses in Orlando and the Central Florida area under the DytechONE brand. Dytech is FRSA’s IT service provider.
Previous Article