Cyber fraud risk rises amid ‘work from home’ trend
With companies across the globe turning to work from home, via the online medium amid the Covid-19 outbreak, threats to cyber security have increased.
Deepak Bhawnani, CEO at Alea Consulting said: “Companies, large and small, will be impacted due to ramifications of work from home, as this will lead to cyber security risk concerns. Proprietary corporate data is being accessed from laptops and home PCS that may not have the same level of firewall and security as in-office setups.
Management and IT managers will subsequently need to reassess the risk to their data, and proactively evaluate their data loss prevention processes, as this can impact their reputation going forward, he added.
Further, cybercriminals has also started to exploit fears around the Covid-19 outbreak to conduct email scams, phishing and ransomware attacks.
Palo Alto Networks’ Regional Vice President for India & SAARC Anil Bhasin said: “Cyber-criminals have been exploiting fears around the Covid-19 outbreak to conduct email scams, phishing and ransomwareattacks. These emails and messages entice users to open malicious attachments by offering more information related to the Covid-19 situation but contain malicious files masked under the guise of links, pdf, mp4 or docx files.
With employees taking to work-from-home, cyber security threat multiplies, says Debasish Mukherjee, VP, Regional Sales APAC at Sonicwall. “These are exactly the times when hackers get creative with their malicious intent of hacking into devices and stealing data,” Mukherjee said.
He noted that while caution is being exercised during this epidemic, there is a group of opportunistic cyber-criminals who have been preying on this fear by developing malicious links and apps to hack devices and steal data. From creating malicious links to developing otherwise unsuspecting apps, the hackers of the digital age are getting creative in executing their attacks. Trishneet Arora, Founder & CEO of TAC Security noted that the lowsecurity standards of home Wi-fi systems, are a serious threat for the cybersecurity sector at the moment with data of millions of people at stake.
“A few isolated incidents of cyber crimes have already been seen with unsafe links leading to theft of sensitive data. For example, people are offering fake maps that show infected users, this requires the person to download software to generate fake maps, in turn making it a security concern,” Arora said.
He observed that the role of cyber security companies at this moment is more critical than ever. It is essential at this moment to monitor baseline behaviours and any anomalous cyber activity should be looked into in real-time basis. Bhasin of Palo Alto Networks was of the view that employers need to prepare employees who are unaccustomed to remote working to navigatethe challenges involved.
This can be done through an educational framework to teach staff how to identify and avoid risks, as well as outline the clear procedures to follow in case of a cyber security incident, he added.
Among other precautionary measures, he said that sensitive systems and data should also be restricted where possible, with access reviewed and granted to essential teams only. It should also be ascertained that workdevices encrypt data at rest and are able to protect data on the device if it is lost or stolen. Michael Sentonas, Global CTO of Crowdstrike said that crisis management and incident response plans need to be executable by aremote workforce.
“A cyber incident that occurs when an organization is already operating outside of normal conditions has a greater potential to spiral out of control,” he said.
He added that effective remote collaboration tools — including out-of-band conference bridges, messaging platforms and productivity applications—can allow a dispersed team to create a “virtual war room” from which to manage response efforts.