Our way of working has been turned upside down by the coronavirus. Companies had to offer their employees opportunities to work from home in the home office within a very short period of time. It was not only challenges to provide the necessary infrastructure. But it was not uncommon for the necessary security precautions to be neglected. Thanks to Home Office, productivity can be maintained as much as possible. But the new way of working is vulnerable to hackers who want to profit from the current situation.
It has been increasingly detected that hackers are launching attacks on employees’ computers as well as the servers of the companies. With the aim of accessing sensitive data and so-called data mining. This data is then illegally resold. One of the ways the hackers use is via the azoRult claims software, which shows coronavirus cases on a map.
(Source: Reasonsecurity – https://blog.reasonsecurity.com/2020/03/09/covid-19-info-stealer-the-map-of-threats-threat-analysis-report/)
The software exploits the fear of the population. In the background, the software collects user information, cookies, usernames, passwords, keys and wallets about cryptocurrencies and more. It is therefore necessary to take extreme care which pages are visited and which e-mails are opened. In order to prevent such attacks, we have listed tips here, which can be implemented quickly and efficiently.
Measures for employers
- Send e-mails to employees and ask them to be especially careful about phishing emails. There are currently more AND more COVID-19 phishing mails on the way.
- Clearly define which software (Outlook, Skype for Business, Teams, Zoom, Slack, Cloud Solutions) can be used.
- Ensure that critical company data can only be retrieved via VPN (Virtual Private Network) or SSL encryption.
- Introducing 2FA (Two Factor Authentication) or Multi-FA to uniquely identify employees.
- Perform an extra data backup and ask employees to store and store their processed data correctly in the cloud / server. Additional steps may be required.
Measures for employees
- Only use official software and avoid downloading software as much as possible at this time.
- Check if emails are phishing emails. The sender’s e-mail address usually provides help.
- Avoid, as far as possible, avoiding websites related to the corona virus. This does not apply to official news or the WHO website. Many of these claims software is distributed through such websites.
- Changing passwords and increasing the complexity of passwords with e.g. Special characters.
Up to two-factor authentication, these measures are easy to implement and help to make working more secure lynotal without large additional costs. After the crisis, however, it would be important to develop a concept that makes working in the home officer safer and more efficient. If a second and third wave of the coronavirus occurs during the year, you can switch faster.
We are happy to help them drive the digital transformation in their company and advise them on strategy issues.