Friday, 04 September 2020 13:51

4 ways to achieve effective ‘cyber hygiene’ in a work-from-home world

By Simon Howe, LogRhythm
Simon Howe, Vice President Sales–APAC, LogRhythm Simon Howe, Vice President Sales–APAC, LogRhythm

GUEST OPINION by Simon Howe, Vice President Sales – APAC, LogRhythm: With large numbers of people now sitting in home offices in the wake of the COVID-19 pandemic, attention is turning to what this means when it comes to achieving effective IT security.

No longer fully protected by corporate firewalls and LAN-based security tools, staff are making use of personal devices, home networks, and public internet connections.

This trend has not gone unnoticed by cyber criminals. Many are using this new environment to mount innovative attacks designed to harvest personal and corporate details and gain entry into centralised applications and data stores.

There are a number of steps that home-based workers can take to improve their IT security and reduce the likelihood of falling victim to such attacks. These steps include:

1. Be watchful for email phishing attacks
People are understandably curious about the COVID-19 virus and the implications it has for their health and lifestyles. Cybercriminals are taking advantage of this curiosity and creating targeted phishing campaigns.

A phishing email may arrive with a link to a seemingly trustworthy site containing news updates on the virus and the work being done to create a vaccine. However, the link actually points to a site containing malware that can compromise the user’s device and steal personal details.

Other phishing emails may come with an attachment. Once opened by the recipient, they can also infect the device and could result in the installation of crippling ransomware.

The best way to avoid falling victim to a phishing attack is to carefully examine every received email before it’s opened. Check whether it contains misspelled words or poor grammar, or has come from an unknown sender.

Unless absolutely sure of their source, don’t open attachments. Some recent examples purporting to be information on the virus have actually contained banking trojan malware. Once activated, this malware searches for personal and banking details stored on the user’s device. As a second step, it then connects the device to a botnet that is then used mount attacks on other users.

2. Be wary of text and social media attacks
Email is not the only channel being used for COVID-related phishing attacks. There are increasing reports of attacks coming via SMS messages and social media channels. Some may appear to come from a legitimate source or known contact, however have actually been generated by a cybercriminal.

Be constantly on the watch for messages that don’t seem quite right, or those that have been sent at a strange time of day. When in doubt, don’t interact with the message but contact the sender using a different method to check it was actually sent by them.

Recent reports have included examples of social media posts offering a month’s free subscription to a streaming service. Clicking on them allows the criminal to harvest the user’s social media login details that can then be used to gain access to other sites.

3. Keep patches up to date
Home-based workers may often be using their own desktop or laptop computer to connect to corporate resources. For this reason, it’s vital that the latest software patches and security updates have been installed.

Make it a habit to check regularly for updates, both for your operating system and any applications that have been installed. This will ensure that any vulnerabilities that could be exploited by cybercriminals are closed as quickly as possible.

4. Secure your connections
Many workers will have swapped their corporate network for home Wi-Fi. While this is convenient, it means network security may no longer be sufficient. Unsecured Wi-Fi networks offer a potential opening for cybercriminals, so ensure adequate passwords are in place. Also, consider turning off the broadcasting of your SSID to make it more difficult for other parties to locate your network in the first place.

Just as personal hygiene has become vitally important in a COVID-19 world, so too has cyber hygiene. When working from home, remain aware at all times of potential threats and the steps that can be taken to overcome them. Remote working is likely to be a feature of daily life for many months ahead, so adopting a strong security frame of mind is vital.

Subscribe to ITWIRE UPDATE Newsletter here

Active Vs. Passive DWDM Solutions

An active approach to your growing optical transport network & connectivity needs.

Building dark fibre network infrastructure using WDM technology used to be considered a complex challenge that only carriers have the means to implement.

This has led many enterprises to build passive networks, which are inferior in quality and ultimately limit their future growth.

Why are passive solutions considered inferior? And what makes active solutions great?

Read more about these two solutions, and how PacketLight fits into all this.


WEBINAR INVITE 8th & 10th September: 5G Performing At The Edge

Don't miss the only 5G and edge performance-focused event in the industry!

Edge computing will play a critical part within digital transformation initiatives across every industry sector. It promises operational speed and efficiency, improved customer service, and reduced operational costs.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

But these technologies will only reach their full potential with assured delivery and performance – with a trust model in place.

With this in mind, we are pleased to announce a two-part digital event, sponsored by Accedian, on the 8th & 10th of September titled 5G: Performing at the Edge.


Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News