COVID-19 has ushered forth a grand work-from-home experiment for the U.S. and much of the world. Some occupations do not lend themselves to remote work, and we should all salute those who continue to put themselves at risk to do work that benefits the rest of us.
On the other hand, a massive segment of the U.S. workforce is now sitting at home with a computer trying to do the same work they were recently performing in the office. Some of us have been working from home for years and some may be doing it for the first time. In either case, it's helpful to be aware of the security implications that come with remote work.
Cybercriminals are quite aware that a vast army of students and workers have shifted their place of work from the controlled environment of an office building to their place of residence. The cybercriminals recognize this as a window of opportunity to exploit the new attack surface that just opened up, as the following reports indicate:
- KrebsOnSecurity reports an interactive dashboard of coronavirus infections and deaths produced by Johns Hopkins University is being used in malicious web sites.
- Threat Post reports, “An advanced persistent threat (APT) group is leveraging the coronavirus pandemic to infect victims with a previously unknown malware, in a recently discovered campaign that researchers call, ‘Vicious Panda.’” In this case spear phishing emails claim to provide information about the coronavirus, but instead infect the computer with a remote-access Trojan.
- WHO has issued a warning to beware of entities purporting to be the World Health Organization, claiming that "criminals are disguising themselves as WHO to steal money or sensitive information."
Here are 9 actions you can take to help reduce the risk that your computer or data gets compromised:
- Protect your computer, and use it wisely: If you are using your own computer, make sure you have the latest security patches installed for your operating system and for the applications you are using.
- Use a Virtual Private Network (VPN): Many companies offer VPNs for remote employees. A VPN creates an encrypted channel of communication between your computer and a secure network. The encrypted channel prevents hackers from sniffing the wireless network for sensitive data or passwords. Even if your company does not offer a VPN, there are free VPNs available (search the Internet for reviews)
- Switch to passwordless authentication: Based on free and open standards from the FIDO Alliance, FIDO2 Authentication enables password logins to be replaced with secure, fast and simple login to websites without passwords. FIDO2 requires a test for human presence, which is accomplished using any one of the following (called authenticators in FIDO jargon):
- the fingerprint reader on a laptop computer
- a security key that plugs into the computer
- your mobile phone
- Microsoft Windows Hello
- Use strong passwords: Passwords are the root cause of over 80% of data breaches. If you have to use passwords, make sure you are using a unique strong password for each site. A password manager is an essential tool to aid in the management of those passwords. Examples of excellent password managers are 1Password and Lastpass
- Think before you click: Cybercriminals use phishing to entice users to share data and login credentials, typically through an email, instant message or text message. With the explosion of people working from home, phishing emails will target remote workers in a bid to steal their personal information or gain access to company accounts. Be suspicious if you encounter any of the following:
- sender’s email address has spelling errors
- poor grammar in subject and body of the message
- hover over links to see if you trust the URL 100%
- if you have any doubts, contact the sender via phone/email acquired from a separate source than the suspicious email
- Back up your data: Besides the usual reasons for backing up your data, ransomware and can encrypt your local machine and then demand you pay money to get your data back; if you backup your data, you can ignore the ransomware, re-install your OS and restore your data from backup
- Secure your home router: Do you know if you changed your router's default password when it was first installed? If not, do so now. Also, set the encryption to WPA2 or WPA3.
- Lock your device: It's a good practice to always lock your screen when you physically leave your computer. Even at home, a child, a pet or roommate can inadvertently bump the right combination of keys to sabotage your work. You can also configure your screen saver to automatically lock the screen after a certain amount of time. This means that even if you forget to manually lock the screen, it will happen automatically some time later
- For IT professionals and business leaders, it's a good time to re-assess your company's security needs: With more people than ever connecting to your systems remotely there's greater risk of breaches coming from intentional and unintentional access. Protecting your sensitive data through encryption changes the impact of a data breach from devastating to annoying.
The widespread adoption of social distancing in the U.S. has led to a mass migration of the workforce from the office to the home. Cybercriminals, ever vigilant for a new opportunity to exploit, are looking to take advantage of chaos before the masses adapt to the new work-from-home reality. Following the above steps will help thwart the cybercriminals in their attempts.