The outbreak of COVID-19 has changed the way we work in its entirety. Remote working is now being enforced, with organisations being told to keep all their workforces at home wherever possible.
Remote working has its advantages, but unfortunately, we have also seen a sharp increase in the number of ransomware cases since the enforcement of the new remote working rules. Employees worldwide are working under a completely different set of parameters; ones where new security risks are high and where cybercriminals are finding new ways to exploit any weaknesses they can find.
With these new parameters comes new habits, ones that can result in employees making potentially catastrophic errors. Remote working, whether on an ad hoc basis or in a formal written agreement, can leave a business’s IT network and systems vulnerable. Cyberattacks and data breaches can have serious implications for organisations in terms of downtime, financial implications and reputation of the business. Ensuring your organisation has processes and procedures in place for remote work is the safest way to protect from cyber-attacks and data breaches.
Changes in our work habits can cause us to make mistakes we might not have ordinarily made. Remote working has added a huge number of endpoints to organisations that may not have been there previously. Systems that are now being used to connect to a company’s infrastructure may not have been vetted or provided by the employer. These new endpoints may be lacking in the security controls that corporate machines would have. Remote working also gives corporations less control over their employees – what they are doing and when. More distractions at home can lead to increased engagement in risky behaviour such as clicking on links they wouldn’t usually click on if they were in the office.
We must remember that cybersecurity is mostly a human issue; the employee controlling the computer will always be the weakest point of any system. For example; ransomware through a phishing email only has legs if an employee clicks on the link in the email. Employees need to be extra vigilant when remote working to ensure they are keeping optimal security practices.
With staff turning to the likes of Dropbox, Google Drive and Zoom, many organisations are finding it difficult to monitor what their employees are doing. The emphasis is, therefore, more with the employee to ensure they are following suggested best practice so as not to expose their organisation to attack.
Below are my top three tips around preventative measures to take to keep you and your company safe from ransomware:
- Email security is King. Phishing email continues to be one of the main entry points for ransomware viruses, especially in the case of targeted attacks. Therefore, securing this primary source of vulnerability is essential to everybody who runs a network or connects to the internet. Most individuals trigger a ransomware attack by opening what looks like a normal email that contains the virus in a document, photo, video or other type of file. Most hackers today don’t need much knowledge to insert a piece of malware into a file; there are numerous articles and YouTube tutorials with step-by-step instruction on how to do it. You should always avoid opening an email from an unknown sender. If you receive an email from an unknown source, inform your company data security advisor or IT team immediately.
- Make your network and IT environment secure. When ransomware infects a single computer it is undoubtedly a serious problem. But, when it spreads throughout the network, it can become a nightmare for the IT department and endanger the entire business. Companies that have not already done so should consider implementing a data security software program, which checks all incoming emails before the intended recipient receives them. Such a solution will dramatically reduce the risk that a virus spreads inside a company network. Additionally, IT administrators and management should consider implementing network security software, which automatically monitors the network and its files for threats. The solution will also alert administrators if a ransomware attack is trying to encrypt vast quantities of files over the network. Finally, always update your software and operating systems with the latest patches, whenever they are available. As pointed out so often, hackers are only successful with their attacks when the victim has gaps in their data security policies.
- Ensure you have an up-to-date backup. Protecting yourself also means having a backup of your data. A highly secure backup is a crucial element in preparing your organisation for a ransomware attack. You should test your backup thoroughly and frequently, but most importantly, it must also be easy to restore data. This means that if you are hit by any form of malware you will be able to rebuild your system quickly and hassle-free. If possible, make sure that your backup system is not connected to your network (or only for the time when it’s needed), this will prevent your backup being affected by malware as well.
By undertaking the above, you can work from home with a degree of confidence and focus back on navigating the business through the current pandemic so that you have a brighter future.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.