CYBER-HYGIENE IN SEVEN EASY STEPS

CYBER-HYGIENE IN SEVEN EASY STEPS

Wed, 06/03/2020 - 10:50

Prepare for the 'day after' COVID-19

Lyubomir Tulev.jpg

Lyubomir Tulev

Over the past few weeks, we have been waking up with the daily briefings on the major TV stations listening to the numbers behind the COVID-19 pandemic. The disease headlines have spread out all over the world, including Bulgaria. The newly implemented restrictions forced thousands of organizations and individuals to embrace new practices such as social distancing, hand washing and remote working. Nevertheless, while the world is focused on the health and economic threats posed by COVID-19, cybercriminals undoubtedly are capitalizing on this crisis.

Although biological diseases and pandemics are under the category of operational risks for the business, resulting in information security aspect and should be taken into consideration during risk assessment and business impact analysis, nobody could have even been able to predict such a scenario what we face now with COVID-19.

The business has acted reactively, turning their activities into remote ones as an alternative to total closures. With increased remote work unfortunately we faced an increased risk of employees accessing data through unsecured and unsafe Wi-Fi networks, using personal devices to perform work, and not following general security protocols established by the company.

By the end of March, an increase of domains registered with keywords like "COVID", "corona" or "vaccine" has been noticed. Many of these are considered to be developed with malicious intent – to be more precise, 2,022 malicious and 40,261 marked as high-risk domains, according to Palo Alto Networks report.

The reason is obvious – cybercriminals create fake websites related to COVID-19 to entice victims into opening malicious attachments or clicking phishing links, resulting in identity impersonation or illegal access to personal accounts. Trend Micro reported that nearly one million spam messages have linked to COVID-19 since January 2020.

Just because the organizations were pushed to make this move into teleworking, but at the same time without being prepared for that, this has revealed the need for real cybersecurity measures.

The same way we are instructed to keep our hands' hygiene high, luckily, there are 7 basic actions you can take when working remotely to keep your so-called cyber-hygiene:

1. Physical security: implement full disk encryption and auto locking-out mechanism and use strong passwords and implement.

2. Securing remote connections: remote access to company networks should be established through an enterprise virtual private network (VPN). VPNs should also be configured with multi-factor authentication as an added security layer.

3. Use of personal devices: where mobile devices are permitted to connect to the corporate network, they should be controlled using mobile device management software.

4. Use of Wi-Fi networks: just because our home network infrastructure is the first security parameter when criminals are attacking, it requires employees to be advised to secure their home Wi-Fi networks with a robust password with minimum WPA2 encryption mechanism put in place.

5. Phishing and malware: employees should be informed about phishing emails disguised as coronavirus updates or as updated company policies. Malware, spyware and Trojans are also found embedded in interactive coronavirus maps and websites. Spam mails are also tricking users into clicking on links which download malware to their devices.

6. Secure conferencing: use only secured platforms for teleconferencing and meetings with colleagues because some services may not be secure or may even record your employees' conversations by default.

7. Take security trainings: cyber threats are constantly changing with increasing digitalization and new technology. Use the time of social distancing and staying at home to improve your resilience by education. It is highly recommend to learn the basics about how to secure your digital presence.

"The day after" the COVID-19 era seems unpredictable. The crisis is likely to be with us for a while and will change our lives forever with new work styles, new cybersecurity issues, new proposed policies, personal hygiene requirements and so on. We will face new risks and challenges, but we need to ensure the security of our networks, devices and data in order to ensure our digital future. The cyberthreats facing businesses and critical infrastructure will continue to evolve causing harm globally, following the rapidly changing social and economic circumstances. Therefore, it is also apparent that in the post-COVID-19 era, organizations will need to rethink their cyber risk management measures.

It is almost certain online scams, phishing and BEC attacks will surge due to the economic downturn and shift in business landscape, generating new criminal activities. The same way as we have the major cybersecurity services provided as "managed service," it is also possible criminals may take advantage of the underground market to look for "cybercrime-as-a-service" given the ease of access, low cost and potential high returns such platforms can offer.

The demand for cybersecurity will dominate in the priorities of every organization now on as each adapts to the post-COVID 19 world. The global cybersecurity market is estimated to be $270B by 2026. By the same year, 77% of cybersecurity spending will be for externally managed security services, reports Australian Cyber Security Growth Network.

Although nobody can be absolutely confident what and how our near future will look like, one is certain: in the post-COVID-19 world, cybersecurity is as critical as Internet access itself.

Lyubomir Tulev (CCISO, ECSA, CEH, CHFI, CEI) is Senior Cyber Security Architect & Business Information Security Consultant at BULPROS. He is also an active member and trainer at International Cybercrime Investigations Training Academy.

BULPROS: Sofia, Business Park Sofia, Building 15A, fl. 5, T: +359 889 584 032, F: +359 2 489 5883, lyubomir.tulev@bulpros.com, www.bulpros.com

ICITA (International Cyber Investigation Training Academy): Sofia, 7 Trayanovi Vrata St, fl.2, ap. 4, T: +359 887 303 289, icit.academybg@gmail.com, www.e-crimeacademy.com

 

Web Exclusive
0 comments

Add new comment

Restricted HTML

  • Allowed HTML tags: <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h2 id> <h3 id> <h4 id> <h5 id> <h6 id>
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

Discover More

Dr Ranko Georgiev
CENTRAL VET CLINIC: COMPLEX TREATMENT FOR BIG, SMALL AND EXOTIC PETS
Central Vet Clinic is unique in Bulgaria: it offers the full range of healthcare services for pets of all types at one place.

Dr Rosen Arsov
LILIYA TRICHOLOGY CENTER: HEALTHY HAIR AND HEAD SKIN ARE OUR RESPOINSIBILITY
In 2014 he created and became the Medical Director of Bulgaria's first specialised medical practice in trichology.

Dr Magdalena Stoyanova
DR MAGDALENA STOYANOVA: TREATMENT WITH A SMILE
Trust in the dentist is at the basis of effective treatment. Dr Magdalena Stoyanova knows this principle well and successfully applies it in her practice.

Zhana Zahova, manager of Justice Тo Мe platform
JUSTICE ТO МE: CUSTOMERS PROTECTION IN DIGITAL AGE
Everyone has a case (and often more) in which they have faced a "deaf" company offering subpar services. In the era of social networks our first reaction is to complain on them, and hope for a reaction. The Justice Тo Мe platform has an easier solution.

From left: Dr Dayana Ilova, Dr Liliya Dodovska, and Nevyana Vuchkova, administrator and dental asistant
DENT LEADERS: PROFESSIONALISM, FRIENDLINESS AND LASERS FOR EXCELLENT DENTAL HEALTH
She has succeeded. Dent Leaders is a clinic when you can get full treatment, from prophylaxis to implants to advanced laser treatment by experienced and dedicated professionals.

Ivana Radomirova
A GLASS OF HAPPINESS
Established in 1991, the Union of Brewers in Bulgaria has the main mission to promote the best practices of the sector, popularising the beer excellence and its responsible consumption.

Prof. Dr. Nikolay Serdev
SERDEV CLINIC FOR SCARLESS COSMETIC SURGERY: INNOVATIONS THAT WORK
A world-renown specialist in cosmetic surgery, Dr Serdev is an epitome of professionalism. He has authored a number of innovations for blood-less, scar-less and working beautifying procedures for the face and the body.

Zagorka beer
ZAGORKA: BEER FOR A BETTER WORLD
Zagorka has over 100 years of tradition in Bulgaria. How does the company maintain the balance between history and memorable, exciting and modern taste?

Dr Tsvetelina Todorova
APEX DENTAL CENTER: POTENTIAL OF DENTAL TREATMENT
The professionals at Apex Dental Center offer the full range of dental care for all ages. The clinic is also a pioneer in application of innovative and effective laser treatment.

Vladan Matic, Executive Director of Kamenitza AD
'TURNING INNOVATIONS INTO TRADITIONS IS ONE OF THE TRIGGERS OF OUR BUSINESS'
Mr. Matic, as a leader of a big employer and producer in Bulgaria, what are the lessons that you learnt in the past few months?

farma vet products.jpg
FARMA VET: RESPONSIBILITY TOWARDS ANIMALS AND PEOPLE
Farma Vet manufactures quality granulated pet food, a wide spectrum of veterinary medicines, supplementing fodder, milk substitutes, biocides and over 40 types of sanitisers and disinfectants registered by the Bulgarian Ministry of Health.

white stork beer.jpg
WHITE STORK BEER: MORE THAN CRAFT BEER
Since then White Stork has come a long way in the still narrow segment of the market for special beers in Bulgaria with different brews and styles to establishing a solid portfolio of high-end products that uncompromisingly follow the philosophy of the bran