Golden age for hackers – 5 trends and tips for safely working from home
The ability for your employees to work from home is an ideal solution to ensure business continuity. It’s also a breeding ground for risks that hackers are happy to exploit. What has actually changed in the risk landscape compared to working in the office? Below are five trends and five tips from our cyber experts to ensure your home connection is safe.
Focus on VPN
VPN connections are often used to ensure a secure logon into the company network or to carry out work from the business environment. The use of a VPN is strongly recommended. When using a VPN connection, the data you send is encrypted and transported to the final destination. This already greatly reduces the risk of hackers seeing your data. However, due to the huge increase in VPN connections, hackers are shifting their focus to these connections. In addition, not every VPN solution has a “kill switch”. A kill switch is an option that stops all internet traffic when a VPN connection suddenly drops for any reason and the data is transmitted unencrypted (with no encryption).
Perhaps not all your employees have experience with remote login from home. They may be easily misled. For examples, it’s important to know whether the remote login page for webmail ends with “.nl” or “.com”. Or a hacker may have replaced the uppercase letter i “I” in the company name in the URL with the lowercase letter l “l”. You can imagine it is extremely difficult to recognize, especially for those employees who have no experience working remotely. It’s therefore easy for hackers to let employees log in to a page that looks exactly like the company page, but is under the control of the hacker. After this, it’s only a matter of collecting the login details from the employee and the hacker can log into the company network or an application with valid user credentials .
Macros: Blessing or curse?
Given the current way of working, it’s very normal to send a file with an email. Imagine one of your colleague is asked to assess the information in the attachment and they open the attachment. When asked to run the macro in the file, your colleague obediently clicks yes. What your colleague doesn’t know is that a script with malicious code is running in the background. Macros are great for making work easier, but macros are also often used by hackers to send and run malicious code.
Will you send me an email about this?
Where people normally walk to a colleague’s desk, they now have to communicate in other ways. Mail is one of the things that is used first when having to approach a colleague. Hackers also see the increase in email contact as an excellent source of potential distribution of malicious software or access to the company network. Many employees unknowingly click on links sent to them by their manager or colleagues. Ranging from “this is interesting” to “make sure we get something like that”. You may be familiar with the term “phishing”, sending links to bogus pages. Phishing and spoofing (emails where the sender appears to be legitimate because the email domain is exactly the same) are still an effective means for hackers to access personal and business data.
I want to know
People are hungry for information. Several ‘Corona maps’ have come about, allowing real-time tracking of the situation surrounding this pandemic. There are already some known Corona-maps in which the computer and / or the network is infected with a virus and where all the information that is stored in the users’ browser (such as passwords and payment information) is stolen.
5 tips for a safe connection from home
These are just some of the things that will keep your IT and cybersecurity department awake at night. The cyber experts of Crowe Peak are happy to give you some tips:
- Continue to educate your staff on (cyber) security risks while creating a support base. Security awareness can make the difference between gaining entry into the organization and a hacker’s retreat.
- Set up a monitoring service on your company network that recognizes suspicious login attempts and actions on the network and alerts your IT department about this.
- Have a policy that you can follow in the event of a (cyber) incident. It is extremely important that your organization works structurally in fighting an incident and communicating about a possible incident. Make sure this policy is tested before it needs to be used in real life. This way you can determine the effect and pain points.
- Perform a stress test if you have not already done so. A stress test is the testing of the IT facilities for maximum capacity. If all your employees want to log into the remove environment, there must be sufficient capacity to handle this.
- Evaluate and check your backups and recovery plan. In the unlikely event that your organization becomes a victim of an incident, you want to be back in the air as soon as possible. It is recommended to test the backups as well as evaluate the backup strategy and recovery plan.
Would you like to know more about securing your IT environment? Please feel free to contact the IT specialists at Crowe Peak.