Digital security becomes even more important
We don’t know about you, but it appears that the shift to working from home, staying 2m away in shops and the prevalence of masks on people out and about is no longer as weird as it was once was. For our team it appears that the acceptance of the “new normal” is in full effect albeit pictures of an empty central London taken by one of our team during his daily exercise do still look like a bit of a zombie apocalypse. The one thing which is not normal, in the last month, is the rise in issues surrounding security now that our most of our client’s teams are working from all over the place using a wide variety of devices over a range of networks.
Our friends at ESET have issued their Q1 2020 Threat Report which supports much of what we are seeing, albeit the report can only be described as a geek fest for online digital threats, but for businesses it highlights that:
- The rapid shift to working from home led to significant increase in demand for remote access and videoconferencing applications which have attracted cybercriminals who adjusted their attack strategies to profit from the shift.
- Cybercriminals have also sought to exploit public concerns surrounding the pandemic with ESET and out helpdesk seeing a surge in scam and malware campaigns using the coronavirus pandemic as a lure, trying to capitalize on people’s fears and hunger for information. We have seen clients impacted by fraudulent online stores claiming to sell face masks and other personal protective equipment all the way to websites distributing dangerous malware. In particular, we have witnessed, as ESET report, a malicious website impersonating the World Health Organization (“WHO”) that tried to manipulate users into downloading what is presented as “COVID-19 Information App” but was actually a dangerous cocktail of malware.
- Ransomware (malicious software designed to block access to a computer system until a sum of money is paid) which was definitely on the increase in 2019 appears to have slowed during 2020 as the cybercriminals focus on phishing (fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers). Interestingly, cybercriminal gangs have advised that during the pandemic they will not target hospitals, which is very decent of them in the circumstances!
- Apple’s Mac range are seeing a continued increase in threats targeting them and the days in which Mac’s did not need antivirus are in our view long since passed. We use and recommend using antivirus for all our Apple environment clients as whilst Apple’s “walled garden” strategy makes it difficult for malware to sneak onto a Mac (because all code has to be approved) apps can still be installed with the user’s explicit permission and we have seen an increase in unapproved app use and malware exploiting those vulnerabilities.
- We have also seen clients impacted by moving their devices to home because of the prevalence of Internet of Thing (“IoT”) devices with their much publicised vulnerabilities which allow cybercriminals to get control of networks without firewalls, as most home networks are, and grab data or control certain aspects of devices. Weirdly it can often be the most innocuous thing such as remote doorbell or security cameras which can be exploited using a loophole dating back to 2012. It’s not something to lose sleep about as cases are rare but as part of the new normal and teams working all over the place, we expect to see instances increase.
We don’t want to give you nightmares as there is enough bad news at the moment, and more importantly there are things that you can do. Our latest eBook titled “Working from Home” has some good advice which you can download here. You can also think about:
- Ensuring that appropriate antivirus (to your situation) is in place across ALL devices being used at home and in the office.
- Staff are made aware of the need to be careful and a working from home policy is in place to prevent people downloading malware or sending money without appropriate approvals.
- Firewalls are installed and both they and routers are correctly configured in the work environment to prevent any malware spread across the network.
- Appropriate back-up systems are in place to should the worst happen.
If you have any questions on your setup, the best software for your business or you’d like us to check the security measures your organisation has in place one of our superstar technicians would be more than happy to assist, just give us a shout! Systemagic have all their staff working and have continued throughout the crisis to support our clients and their teams in what was for us the busiest period in our 21 year history.
Back to our blog