CYBER-HYGIENE IN SEVEN EASY STEPS

CYBER-HYGIENE IN SEVEN EASY STEPS

Wed, 06/03/2020 - 10:50

Prepare for the 'day after' COVID-19

Lyubomir Tulev.jpg

Over the past few weeks, we have been waking up with the daily briefings on the major TV stations listening to the numbers behind the COVID-19 pandemic. The disease headlines have spread out all over the world, including Bulgaria. The newly implemented restrictions forced thousands of organizations and individuals to embrace new practices such as social distancing, hand washing and remote working. Nevertheless, while the world is focused on the health and economic threats posed by COVID-19, cybercriminals undoubtedly are capitalizing on this crisis.

Although biological diseases and pandemics are under the category of operational risks for the business, resulting in information security aspect and should be taken into consideration during risk assessment and business impact analysis, nobody could have even been able to predict such a scenario what we face now with COVID-19.

The business has acted reactively, turning their activities into remote ones as an alternative to total closures. With increased remote work unfortunately we faced an increased risk of employees accessing data through unsecured and unsafe Wi-Fi networks, using personal devices to perform work, and not following general security protocols established by the company.

By the end of March, an increase of domains registered with keywords like "COVID", "corona" or "vaccine" has been noticed. Many of these are considered to be developed with malicious intent – to be more precise, 2,022 malicious and 40,261 marked as high-risk domains, according to Palo Alto Networks report.

The reason is obvious – cybercriminals create fake websites related to COVID-19 to entice victims into opening malicious attachments or clicking phishing links, resulting in identity impersonation or illegal access to personal accounts. Trend Micro reported that nearly one million spam messages have linked to COVID-19 since January 2020.

Just because the organizations were pushed to make this move into teleworking, but at the same time without being prepared for that, this has revealed the need for real cybersecurity measures.

The same way we are instructed to keep our hands' hygiene high, luckily, there are 7 basic actions you can take when working remotely to keep your so-called cyber-hygiene:

1. Physical security: implement full disk encryption and auto locking-out mechanism and use strong passwords and implement.

2. Securing remote connections: remote access to company networks should be established through an enterprise virtual private network (VPN). VPNs should also be configured with multi-factor authentication as an added security layer.

3. Use of personal devices: where mobile devices are permitted to connect to the corporate network, they should be controlled using mobile device management software.

4. Use of Wi-Fi networks: just because our home network infrastructure is the first security parameter when criminals are attacking, it requires employees to be advised to secure their home Wi-Fi networks with a robust password with minimum WPA2 encryption mechanism put in place.

5. Phishing and malware: employees should be informed about phishing emails disguised as coronavirus updates or as updated company policies. Malware, spyware and Trojans are also found embedded in interactive coronavirus maps and websites. Spam mails are also tricking users into clicking on links which download malware to their devices.

6. Secure conferencing: use only secured platforms for teleconferencing and meetings with colleagues because some services may not be secure or may even record your employees' conversations by default.

7. Take security trainings: cyber threats are constantly changing with increasing digitalization and new technology. Use the time of social distancing and staying at home to improve your resilience by education. It is highly recommend to learn the basics about how to secure your digital presence.

"The day after" the COVID-19 era seems unpredictable. The crisis is likely to be with us for a while and will change our lives forever with new work styles, new cybersecurity issues, new proposed policies, personal hygiene requirements and so on. We will face new risks and challenges, but we need to ensure the security of our networks, devices and data in order to ensure our digital future. The cyberthreats facing businesses and critical infrastructure will continue to evolve causing harm globally, following the rapidly changing social and economic circumstances. Therefore, it is also apparent that in the post-COVID-19 era, organizations will need to rethink their cyber risk management measures.

It is almost certain online scams, phishing and BEC attacks will surge due to the economic downturn and shift in business landscape, generating new criminal activities. The same way as we have the major cybersecurity services provided as "managed service," it is also possible criminals may take advantage of the underground market to look for "cybercrime-as-a-service" given the ease of access, low cost and potential high returns such platforms can offer.

The demand for cybersecurity will dominate in the priorities of every organization now on as each adapts to the post-COVID 19 world. The global cybersecurity market is estimated to be $270B by 2026. By the same year, 77% of cybersecurity spending will be for externally managed security services, reports Australian Cyber Security Growth Network.

Although nobody can be absolutely confident what and how our near future will look like, one is certain: in the post-COVID-19 world, cybersecurity is as critical as Internet access itself.

Lyubomir Tulev (CCISO, ECSA, CEH, CHFI, CEI) is Senior Cyber Security Architect & Business Information Security Consultant at BULPROS. He is also an active member and trainer at International Cybercrime Investigations Training Academy.

BULPROS: Sofia, Business Park Sofia, Building 15A, fl. 5, T: +359 889 584 032, F: +359 2 489 5883, lyubomir.tulev@bulpros.com, www.bulpros.com

ICITA (International Cyber Investigation Training Academy): Sofia, 7 Trayanovi Vrata St, fl.2, ap. 4, T: +359 887 303 289, icit.academybg@gmail.com, www.e-crimeacademy.com

 

Web Exclusive

Commenting on www.vagabond.bg

Vagabond Media Ltd requires you to submit a valid email to comment on www.vagabond.bg to secure that you are not a bot or a spammer. Learn more on how the company manages your personal information on our Privacy Policy. By filling the comment form you declare that you will not use www.vagabond.bg for the purpose of violating the laws of the Republic of Bulgaria. When commenting on www.vagabond.bg please observe some simple rules. You must avoid sexually explicit language and racist, vulgar, religiously intolerant or obscene comments aiming to insult Vagabond Media Ltd, other companies, countries, nationalities, confessions or authors of postings and/or other comments. Do not post spam. Write in English. Unsolicited commercial messages, obscene postings and personal attacks will be removed without notice. The comments will be moderated and may take some time to appear on www.vagabond.bg.

0 comments

Add new comment

The content of this field is kept private and will not be shown publicly.

Restricted HTML

  • Allowed HTML tags: <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h2 id> <h3 id> <h4 id> <h5 id> <h6 id>
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.

Discover More

atlantis-burgas
INTRODUCING ATLANTIS / SQUARE
The project combines the benefits of living in a closed residential community with the advantages of having a social space where you can meet new people and spend time with friends and neighbors.

Daniel Nikolov Ludiars
LUDIARS: WHEN PERSONAL FINANCE IS ABSOLUTELY PERSONAL
The LudiArs team believes that an effective wealth increase can only be achieved when people self-manage their money and investments. With the help of experts like those at their company, of course.

Silviu Gugui eMag
SILVIU GUGUI: I PROMOTE A CULTURE THAT MAKES PEOPLE FEEL APPRECIATED
Every online shopper in Bulgaria knows about eMAG and has certainly ordered at least one item through the platform, which offers anything one can think of. The company was founded in Romania and has subsidiaries in Hungary and Bulgaria.

Deni Andonova
MISSION: THRIVE WITH DENI ANDONOVA
Deni Andonova is a certified instructor in Neurographica, a Kinesiologist, Certified K-Power Instructor, Positive Psychologist, Bush flower essences Therapist, Eating Disorders Consultant, author of the books Cellular Nutrition with Deni.

Wellky
WELLKY: THE LIFE-SAVING REMOTE CARE
We all want our elderly relatives and loved ones to be healthy and feeling well. But sometimes we are too far away or too busy to take care of them in person.

Sinisha Djukic
SINISHA DJUKIC: THE TALENT TO BUILD TRUSTFUL RELATIONSHIPS
At Bosch.IO people bring the IoT to life. With decades of expertise in building connected solutions, Bosch.IO is the go-to destination of the Bosch Group for innovation – from the automotive sector to industrial, building and energy, and consumer products.

Metrica Milena Ramcheva
METRICA: CREATING A SEAMLESS CONNECTION WITH YOUR CUSTOMERS
Business growth is the thing each company aims at, but selling more goes hand in hand with enlarging storage capacity, enhancing logistics, hiring more people, and implementing new processes.

georgievi architecture studio sturgel
ARCHITECT KRASIMIR GEORGIEV JR.: TO UPGRADE TRADITION WITH A VISION OF SUSTAINABLE FUTURE
Climate change and the need to reduce the harmful impact of human activities on nature will undoubtedly transform our current lifestyle. This also relates to the spaces we inhabit.

DLSolutions Dimitar Dinchev
THE HOME YOU DREAM ABOUT: DESIGN, REPAIR AND FURNISHING IN ONE STEP WITH DL SOLUTIONS
Everyone who has organised the repair or furnishing of their home knows that what initially seems an easy and even fun endeavour often becomes a protracted suffering, and the result in the end is usually a compromise.

jeluxe cosmetics
JELUXE GOLD SERIES: COSMETICS FOR YOUNG AND BRILLIANT SKIN
Created with lots of love and attention to quality and refined to perfection details, the products provide an outstanding balance of the bouquet of oils and active ingredients, which takes them to a world-class level.

kristina sungarska
KRISTINA SUNGARSKA: WHEN MIND AND SOUL WORK AS A TEAM
In search of answers to existential questions, Kristina Sungarska left her successful career as a lawyer and became a psychologist.

TOBIAS KERZEL
TOBIAS KERZEL: FREEDOM AND FLEXIBILITY AS THE CORE OF MOTIVATION
The fourth industrial revolution is rapidly changing the business environment. Technological progress – especially in the IT sector – is driven by human beings, rather than machines.