Mimecast CISO Mark O’Hare has provided the following tips on what you can do to make you, your colleagues & your families safer online during the COVID-19 coronavirus outbreak.
- COVID-19 is being used as a phishing lure by cybercriminals & nation states
- Expect to see an increase in exploits related to COVID-19 as publicity around the virus increases
- Cybercriminals are using trusted brands, like World Health Organization (WHO) & U.S. Centre for Disease Control & Prevention (CDC), to build credibility & entice users into opening attachments
What can you do?
- Don’t click on any COVID-19 related links or attachments you receive via email or messaging apps. This includes messages to personal email providers like Gmail
- Don’t be fooled by legitimate-looking branding on messages you receive, there are good fakes doing the rounds. Cybercriminals will also often use language that conveys a sense of urgency, so be alert
- If you want COVID-19 news, navigate directly to the WHO & CDC websites. Use best practices by typing URLs into your web browser & use Google Search to search for sites
- Don’t put your credentials into third-party sites unless you’re 100% sure you’re on the correct site
- Report any suspicious messages to Mimecast’s SOC by email: firstname.lastname@example.org
10 STEPS FOR MAINTAINING WEB SECURITY (AND SANITY) WHILE WORKING FROM HOME DURING THIS SITUATION
Governments across the globe have put extreme measures in place to limit the spread of coronavirus, prohibiting large public gatherings and encouraging “social distancing” to keep new coronavirus cases as low as possible. Where possible, office based colleagues are on strict work-from-home schedules to mitigate COVID-19’s spread.
While many people have a home office setup already, the same cyber hygiene and web security standards that can be found at corporate offices are not generally in place at home.
With that in mind, the following 10 steps can be used to help avoid cyber-related mistakes, which may linger long after global recovery from COVID-19.
- Maintain regular working hours, but also plan breaks to avoid breaches caused by human error. Working from home requires a different kind of discipline than the typical workplace and it can be difficult to adapt. Planning your working hours and pencilling in suitable breaks will allow you to focus on what needs to be done and when. Similarly, it can be easy to get caught up in a task as you make progress, but regular breaks from a computer screen are essential to avoiding fatigue, strain or headaches from excessive use. All these factors may increase the chances of human error and therefore the chance of a breach.
- If sharing your home with others, designate a workspace and ground rules. Family members or roommates can present a distraction during any self-quarantine, particularly if there’s limited space to work and live in. Be clear from the outset as to where your working space is, and the hours you’ll be working.
- Take precautions around web security at home. For example, ensure your home router is secure, does not use a generic default password, is utilizing encryption and has its firewall switched on. All these measures will help to secure your home network for personal as well as work use and increase the likelihood of being able to work safely and securely without compromise. This is even more prudent in the age of connected devices. Today, TVs, baby monitors, smart speakers, doorbells, and even lightbulbs can be connected to your network, presenting potential routes into your home network to compromise your more secure work devices and web security. Two-factor authentication, a password, your router and your firewall may be all that keeps them secure. Ensure all your devices have been changed from their default passwords and that any available security measures are enabled.
- Keep an eye on bandwidth, which may be more limited than usual due to the increased numbers of people working from home. Increased usage of the internet at home will place greater strain on home networks, and in many cases, the capacity of local infrastructure is shared. Be aware that you may experience slower speeds than usual. If sending work files, resist any temptation to work around existing security measures or the network to save time. Risking compromise of the whole network and its existing web security standards is not worth a few seconds’ expediency.
- Mobile data and networks will likely suffer the same issues. Data usage may significantly slow and calls may not connect. Ask yourself: Is the communication urgent? Consider alternative but approved workplace communication via Slack, Skype, Zoom or other approved applications if necessary. Do not use less secure communication channels.
- Resist the temptation to use unfamiliar Wi-Fi for work or private browsing. It might be tempting to connect to a neighbour’s or public unsecured Wi-Fi if the signal appears stronger and your connection appears to be very slow, but it’s critical not to do this for private or work-related purposes, since it’s impossible to discern whether you’re inadvertently giving away your credentials to a tech-savvy attacker.
- Ensure you’re using encryption. Webmail or private email are unencrypted, leaving your devices at significant risk of compromise via interception or “man in the middle attacks,” and can make your home network vulnerable to compromise as attackers may piggyback on you to compromise an otherwise secure environment.
- Supplement encryption with a Virtual Private Network. For an extra layer of web security and encryption, always use a VPN. Most workplaces now have these installed on workplace or business machines and these should be used when available.
- Use Multi-factor/two-factor (MFA/2FA) authentication whenever possible. This extra layer of web security may prevent compromise of work applications. Be particularly wary of social engineering during this time, such as contact which may seek to obtain disclosure of an MFA/2FA code.
- Be aware of increased phishing and other forms of cyberattack through electronic communication. With many people self-isolating and working from home there will be significant appetite for news on developments. However, colleagues must be aware that this is almost certainly not going to be delivered via any unsolicited electronic communication. Do not click links or attachments in any unsolicited communications offering help or advice, particularly relating to COVID-19 (or really any other significant global events that may be occurring). Stay up to date using reputable news providers and trustworthy government websites for informed and credible updates.
According to Mimecast threat intelligence researchers, threat actors and criminals will almost certainly seek to exploit the increased numbers of colleagues working from home and see them as an opportunity to compromise secure workplace networks. Working from home presents additional complexities, potential weak points and vulnerabilities for attackers to exploit, particularly if colleagues let cyber hygiene slip.
Workplace safety measures and social distancing will almost certainly result in threat actors targeting individuals at home and via their more vulnerable home Wi-Fi networks. Mimecast researchers believe there may well be a significant increase in spam mail and phishing attacks against individuals as well as businesses.
Human error accounts for over 90% of cyber incidents, with at least 90% of breaches involving email as a delivery vector at some stage. The overarching aim of any attack is to encourage the target to type credentials into forged sites, or to covertly install malicious software that will permit data exfiltration or network access, from clicking on malicious links.
Take your time and apply the usual diligence to any electronic communication and do not click on links within these emails.
Quality & Compliance Manager