As working from home becomes the new normal, hackers are riding the trend and trying to capitalize it to their advantage. In practical terms, this translates to phishing, spreading malware, and similar. So what can companies do to protect their staff from what’s going on? Keep on reading to find out!
A look at the statistics
According to McAfee, new malware samples in the second quarter of 2020 have grown by 11.5%. Without a doubt, the pandemic has affected the digital world as well because we are now seeing a 605% increase in COVID-19 related attack directions.
Attacks on cloud services are surging, having reached 7.5 million in numbers. Previously, Linux wasn’t targeted by malware makers nearly as much, but now, the trend is up by 22%. In particular, the technology industry is the prime target of hackers, as recorded attacks are up 91%.
Not even the smartphone space was spared, as the report noted that mobile malware went up by 15%. Overall, in Q2, there are 419 new malware threats per minute.
How hackers capitalize on COVID-19 to distribute malware
If you’ve ever come across news and graphs related to COVID-19, don’t make the mistake of assuming they’re clean, even if the information presented is correct. There have been a number of cases of campaigns spreading trojans as well as other variants of malware.
These work due to this being a hot topic, and everyone is interested in finding out more about it. Hackers count on the widespread interest to lure as many people as possible into visiting these infected websites.
Then, we have COVID-19 phishing scams. A hacker may pretend to be an official from a medical institution or something similar in one of these. Using a sense of urgency, they may attempt to coax the victim into clicking on a link or open an attachment that tends to contain malware.
Companies need to take a proactive role in fighting these threats
Due to everything that’s happening, companies from all around the globe are encouraged to put the following preventative measures in place:
1. Invest in the staff’s education and training
Now, more than ever, it’s essential to make sure that every staff member is on the same page. They have to understand the risks involved and realize there are consequences to a breach. After all, once a company loses the trust of its clientele, it’s gone forever.
2. Know how to recognize phishing attempts
First and foremost, never click on any links someone sends to you via email. Before complying with their instructions, double-check their identity. An excellent way to do it is to contact them through other channels. If the message contains an attachment, think twice before opening it if you don’t recognize the sender. At the very least, run an antivirus scan or open it in an isolated environment.
3. Encourage your team to use a VPN when working remotely
Since working remotely is the new norm, it’s imperative that your team understands the importance of protecting sensitive work-related files and conversations. So what is a VPN? In a nutshell, a VPN establishes an encrypted tunnel that bars would-be snoops from eavesdropping on the data you send or receive online. Even if you fail to do your due diligence and establish a connection through a Wi-Fi network that has been compromised, a VPN will shield you.
4. Use a secure video conferencing solution
Although you have the freedom to use any video conferencing solution of your choosing, your decision should be based on security rather than convenience. If you don’t know where to begin, both Zoom and Microsoft Teams seem to be a popular choice in 2020.
5. Don’t forward malware without being the wiser
Believe it or not, malware infection can come from within the company circles, and the one spreading it isn’t necessarily the wiser. Therefore, a good practice is to forward files to the IT department for verification before sending them to other coworkers.
6. Have a robust password policy
Passwords need to be tough to guess to be strong. You are encouraged to design them to be long, as well as use capital letters, special symbols, and numbers. Also, a good way to go about it is to assign them on a need-to-know basis. While a coworker is within their rights to request access to a computer, the janitor has little business poking around its contents.
7. Update programs and operating systems regularly
As time goes on, developers release security updates for programs and operating systems, which stop the older versions of malware from being effective. Therefore, it’s imperative to initiate updates often, even if this introduces a certain bit of downtime.
With the help of these tips, you and your coworkers can steer clear of the latest COVID-19 scams, malware, and disinformation. As the old saying goes, curiosity killed the cat, and hackers use the same bait to get you to click on one of their links.