CYBER-HYGIENE IN SEVEN EASY STEPS

CYBER-HYGIENE IN SEVEN EASY STEPS

Wed, 06/03/2020 - 10:50

Prepare for the 'day after' COVID-19

Lyubomir Tulev.jpg

Lyubomir Tulev

Over the past few weeks, we have been waking up with the daily briefings on the major TV stations listening to the numbers behind the COVID-19 pandemic. The disease headlines have spread out all over the world, including Bulgaria. The newly implemented restrictions forced thousands of organizations and individuals to embrace new practices such as social distancing, hand washing and remote working. Nevertheless, while the world is focused on the health and economic threats posed by COVID-19, cybercriminals undoubtedly are capitalizing on this crisis.

Although biological diseases and pandemics are under the category of operational risks for the business, resulting in information security aspect and should be taken into consideration during risk assessment and business impact analysis, nobody could have even been able to predict such a scenario what we face now with COVID-19.

The business has acted reactively, turning their activities into remote ones as an alternative to total closures. With increased remote work unfortunately we faced an increased risk of employees accessing data through unsecured and unsafe Wi-Fi networks, using personal devices to perform work, and not following general security protocols established by the company.

By the end of March, an increase of domains registered with keywords like "COVID", "corona" or "vaccine" has been noticed. Many of these are considered to be developed with malicious intent – to be more precise, 2,022 malicious and 40,261 marked as high-risk domains, according to Palo Alto Networks report.

The reason is obvious – cybercriminals create fake websites related to COVID-19 to entice victims into opening malicious attachments or clicking phishing links, resulting in identity impersonation or illegal access to personal accounts. Trend Micro reported that nearly one million spam messages have linked to COVID-19 since January 2020.

Just because the organizations were pushed to make this move into teleworking, but at the same time without being prepared for that, this has revealed the need for real cybersecurity measures.

The same way we are instructed to keep our hands' hygiene high, luckily, there are 7 basic actions you can take when working remotely to keep your so-called cyber-hygiene:

1. Physical security: implement full disk encryption and auto locking-out mechanism and use strong passwords and implement.

2. Securing remote connections: remote access to company networks should be established through an enterprise virtual private network (VPN). VPNs should also be configured with multi-factor authentication as an added security layer.

3. Use of personal devices: where mobile devices are permitted to connect to the corporate network, they should be controlled using mobile device management software.

4. Use of Wi-Fi networks: just because our home network infrastructure is the first security parameter when criminals are attacking, it requires employees to be advised to secure their home Wi-Fi networks with a robust password with minimum WPA2 encryption mechanism put in place.

5. Phishing and malware: employees should be informed about phishing emails disguised as coronavirus updates or as updated company policies. Malware, spyware and Trojans are also found embedded in interactive coronavirus maps and websites. Spam mails are also tricking users into clicking on links which download malware to their devices.

6. Secure conferencing: use only secured platforms for teleconferencing and meetings with colleagues because some services may not be secure or may even record your employees' conversations by default.

7. Take security trainings: cyber threats are constantly changing with increasing digitalization and new technology. Use the time of social distancing and staying at home to improve your resilience by education. It is highly recommend to learn the basics about how to secure your digital presence.

"The day after" the COVID-19 era seems unpredictable. The crisis is likely to be with us for a while and will change our lives forever with new work styles, new cybersecurity issues, new proposed policies, personal hygiene requirements and so on. We will face new risks and challenges, but we need to ensure the security of our networks, devices and data in order to ensure our digital future. The cyberthreats facing businesses and critical infrastructure will continue to evolve causing harm globally, following the rapidly changing social and economic circumstances. Therefore, it is also apparent that in the post-COVID-19 era, organizations will need to rethink their cyber risk management measures.

It is almost certain online scams, phishing and BEC attacks will surge due to the economic downturn and shift in business landscape, generating new criminal activities. The same way as we have the major cybersecurity services provided as "managed service," it is also possible criminals may take advantage of the underground market to look for "cybercrime-as-a-service" given the ease of access, low cost and potential high returns such platforms can offer.

The demand for cybersecurity will dominate in the priorities of every organization now on as each adapts to the post-COVID 19 world. The global cybersecurity market is estimated to be $270B by 2026. By the same year, 77% of cybersecurity spending will be for externally managed security services, reports Australian Cyber Security Growth Network.

Although nobody can be absolutely confident what and how our near future will look like, one is certain: in the post-COVID-19 world, cybersecurity is as critical as Internet access itself.

Lyubomir Tulev (CCISO, ECSA, CEH, CHFI, CEI) is Senior Cyber Security Architect & Business Information Security Consultant at BULPROS. He is also an active member and trainer at International Cybercrime Investigations Training Academy.

BULPROS: Sofia, Business Park Sofia, Building 15A, fl. 5, T: +359 889 584 032, F: +359 2 489 5883, lyubomir.tulev@bulpros.com, www.bulpros.com

ICITA (International Cyber Investigation Training Academy): Sofia, 7 Trayanovi Vrata St, fl.2, ap. 4, T: +359 887 303 289, icit.academybg@gmail.com, www.e-crimeacademy.com

 

Web Exclusive
0 comments

Add new comment

Restricted HTML

  • Allowed HTML tags: <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h2 id> <h3 id> <h4 id> <h5 id> <h6 id>
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
6 + 1 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.

Discover More

IMG_9988.jpg
DIBLA CELEBRATES AMAZING SUCCESS WITH THE FIFTH EDITION OF DESIGN>PEOPLE NATIONAL FORUM
As it is unique for Bulgaria, Design>People forum remains exceptionally popular with professionals.

колаж.jpg
PULSE FITNESS & SPA CONTINUES INNOVATING IN ITS CLUBS
In the past 12 months the chain added three new sites at convenient locations: Pulse Fitness Energy Club (Ring Mall, 214 Okolovrasten Pat St, floor 3), Pulse Fitness & Spa Mladost (251А Okolovrasten Pat St) and Pulse Fitnes

EU_Fund_1000_2.jpg
VAGABOND MEDIA RECEIVES GRANT AS A PART OF THE EU PROCEDURE FOR OVERCOMING THE SHORTAGE OF FUNDING AND THE LACK OF LIQUIDITY CAUSED BY THE EPIDEMIC OUTBREAK OF COVID-19
The project is a part of European Union's Operational Programme Innovations and Competitiveness, priority Entrepreneurship and Growth Capacity of SMEs. 

Trade Center Europe.jpg
TRADE CENTER EUROPE: HOME FOR YOUR BUSINESS
The harmonic combination of offices and zones for recreation, services and entertainment makes an overall unit that in 2011, with Building 15, deservedly won the prestigious Building of the Year award. 

Nadezhda Petrova.jpg
СOIN CONSULT LAW PRACTICE: A RELIABLE PARTNER TO PRUDENT COMPANIES
When a company faces such questions, the best solution is to seek help from experts in the field. Coin Consult Law Practice is experienced in debt collection and legal services for corporate clients.

KO-OP
KO-OP: CREATIVE SPACE FOR BOLD IDEAS
It brings together young, creative, and talented freelancers who not just work in the same room, but create, share ideas and generate projects together.

Bassi_Borislav_Paleshnikov-2.jpg
BULGARIA: A STRATEGIC NEARSHORE OUTSOURCING LOCATION
The business environment in Bulgaria cultivated an innovation spirit that turns outsourcing not just into providing BPO/ITO services, but rather serving as a team extension, remote product and application development incubator.

Sofia Tech One.jpg
ONE OFFICE BUILDING IN SOFIA BULGARIA: ONE LOCATION, COUNTLESS OPPORTUNITIES
The building's concept is to combine high technologies and elegant design. The project covers all requirements for a Class A property and the highest category of BREEAM certification. 

Viktoria Petrova
SOITRON: FLEXIBLE AND CLEVER IT SOLUTIONS
Soitron is a company that for almost 30 years has helped smart firms to achieve their goals without unnecessary expenses using Systems Integration and Managed Outsourcing Services.

Dobromira Manasieva
GET IN SHAPE WITH WELLNESS STUDIO FIGURA SPOOL
A well-shaped and fit body is not only a fashion – it is an indicator of high tone, high self-esteem and a healthy lifestyle.

KoDent.jpg
KODENT DENTAL CLINIC: TOP-QUALITY DENTAL CARE
The team of KoDent has one mission – to provide patients with top-quality dental health by use of precise diagnostics, planning and implementation of the most advanced technologies. What are these technologies?

office fruit.jpg
OFFICE FRUIT: A BASKET OF HEALTH ON THE DESK
We are all aware how important is healthy eating yet when we are at the office we often forget about it. Stressed by meetings, deadlines and tasks, we much too often snack on sweets, chips and other junk food.