Thursday, April 9, 2020

Impact of Coronavirus on Cyber Security and Education

The coronavirus has impacted everyone. Whether you’re in downtown Manhattan or a rural outpost, seemingly far from the problem, it is a global issue. During these times of biological viruses, we are also faced with problems stemming from computer viruses, malware, and other high-tech vectors. Since everyone is more active online than they’d normally be, you should probably be thinking more often about your relationship to cyber security. After all, if you’re working or otherwise interacting with the outside world, the chances are good that you’re doing so via the Internet.

COVID-19 (Coronavirus), Cyber Threats Increase and Moving to Online Learning

 

What is It?

COVID-19, the disease that stems from SARS-CoV-2, a newly discovered and very contagious coronavirus, is an illness that manifests as a severe respiratory tract infection in the worst of cases. The disease his highly communicable and is now a pandemic, or global epidemic.

Where Did it Come From?

The exact origins of the disease are still unknown. However, scientists do suspect that the disease originated elsewhere in the animal kingdom and then mutated, finding its way into the human population. The first major outbreak of COVID-19 was in Wuhan, China, but it is suspected that the virus could have been circulating well before that event.

How it is Spread?

COVID-19 is spread through interpersonal contact. In particular, it is known to transmit when an infected person is in close quarters with another. The disease spreads on the breath via respiratory droplets and when someone coughs or sneezes. When the drops land in the mouth or nose, infection is likely. It is also possible for droplets to land on surfaces, such as doorknobs or tabletops where they can transmit to another’s hand. When they touch their face, the virus might find a purchase that leads to infection.

Coronavirus Impact on Business and Cyber Security

Businesses are feeling a tremendous impact due to coronavirus. People are staying home and not driving, which has an immediate impact on the oil markets and local businesses, even if they aren’t closed due to their “non-essential” status. Social/physical distancing means that people are no longer attending concerts, eating in their favorite restaurants, or purchasing party supplies. The economic waves from this pandemic are countless.
Some businesses are able to remain in operation by relying on telecommuting technologies. However, when their methods are ad hoc or reliant on insecure connections, the threat to their cyber security is greatly increased. The teleconferencing application Zoom has already been infiltrated and compromised by bad cyber actors. Though the attacks amount to so much digital vandalism, they do interrupt productivity and may even traumatize some workers.
Some elementary teachers who are attempting to teach youngsters via Zoom have reported their students ditching class for Zoom conferences they create themselves. On the other hand, some yoga studios are able to continue to employ their teachers by using the software. This is a boon to home-bound yoga aficionados.
The opportunities for mischief are multiplying as more people are moving their work to the online medium. However, Zoom is acting fast to address these problems. Where their conferences were previously not protected by passwords, the company has added that layer of security in addition to cryptography and disabling the ability to scan for open meetings, which hackers used to find victims.
Since many workers are now working from home, it’s vital that their home Wi-Fi connections or networks be secured with strong passwords. The best passwords are created using a random string of letters and numbers that includes a symbol, such as a punctuation mark. It is also advised to refrain from using insecure technologies, such as Bluetooth, on one’s work laptop.

Increases in Cyber-Threats

The pandemic, and the ensuing push to work from home, are creating more and more opportunities for cyber attackers. Malicious hackers have also chosen to exploit our increased reliance on healthcare systems. Ransomware attacks on hospitals are on the rise and both the Department of Health and Human Services and the World Health Organization have likewise been victims of attempted attacks.
Since more workers are taking laptops home and are using their home connections to access servers at work, there are increased risks to corporate security. Home networks typically have weaker password protections that are easier for hackers to deduce. Some households even leave their networks unprotected for random hackers to find. Further, when workers are using their personal home computers for work, their children might inadvertently download viruses or malware during unsupervised screen time.
Thus, companies need to provide safeguards against such vulnerabilities. Something as simple as installing a secondary hard drive for a worker to use at home can save money and bolster security. It’s also vital to educate workers as to how they can create robust passwords for their home networks and to provide simple steps they can follow, such as using a non-work device to connect to Bluetooth at home as hackers can exploit that technology without any passcodes whatsoever.
To address these issues, federal law enforcement agencies have rallied to protect the public and the world of business. The FBI has been very vocal in its response to attacks on the teleconferencing software Zoom, and the Department of Homeland Security has issued a document to help executives address cyber security issues that may arise due to coronavirus.
The Coronavirus pandemic has seen a spike in cyber security attacks such as:
  • Ransomware
  • Phishing
  • DDoS attacks
  • Malware Attacks

The Future of Telework

The coronavirus pandemic has resulted in a mass movement of workers to the world of telecommuting. This poses a new set of problems for businesses in terms of workplace efficiency, added costs for equipment, and new cyber security threats. Since the problem arose seemingly overnight, IT departments and cyber security professionals have had to scramble to find workable solutions to the problem.
Inevitably, as the period of social distancing goes on, businesses will discover how to better address telecommuting. While there may be problems in terms of new cyber-attacks, each organization will strive to address these issues, while hackers will shift their strategies.
Once the pandemic is under control and it becomes more feasible for people to return to work, it’s still likely that telework will remain a larger part of the corporate picture. While it has been creeping into the corporate landscape more and more over the years, the coronavirus pandemic has blown the doors wide open. Many workers prefer working from home, but others may decide that they’d rather spend their time in the office, or that a healthy balance is ideal.
Businesses will need to determine how to address certain issues such as hardware. When workers use their personal devices for work, there is an increased risk that those devices may be compromised. Companies have the option of providing proprietary, company-owned laptops or offering a compromise in terms of a secondary hard drive. These drives would be used exclusively for work purposes yet allow the worker to still use the same laptop to access their personal drive that houses their photos, music, and personal documents.
Employees will need to work with employers to create more secure Wi-Fi connections at home. This might be as simple as creating difficult passwords Those connections also need to be fast enough to support technologies such as teleconferencing software.

Remote Work Opportunities

Remote work has long been the domain of traveling salespeople, consultants, and freelance workers. Now, however, more and more organizations are providing remote work opportunities to employees. This is a response to the growing popularity of telework. Companies such as WeWork have based their model around catering to independent workers, small startup companies, and telecommuters and many coffee shops nationwide are now full of people working to complete assignments for their boss.
Websites such as flexjobs.com now cater to workers that prefer to work from home on a full-time, part-time, or freelance/project basis. This phenomenon has spurred employers to start providing telework opportunities for their new and existing workers. Now, many workers find that they spend a certain percentage of their workweek in the office and the remainder working from whichever Wi-Fi hotspot best suits them.
Here is a brief list of employment websites that cater to aspiring teleworkers:
  • Flexjobs.com
  • Skipthedrive.com
  • Pajamajobs.com
  • WeWorkRemotely.com
  • WorkingNomads.com

Tuesday, July 23, 2019

What Are The Most Impactful Tips For Educating My Employees About Cybersecurity?

Most corporate decision-makers acknowledge that awareness is a significant aspect of cybersecurity.

Just how important it really is, however, is not clear to many, and is putting numerous businesses at unnecessary risk.

Fortunately, raising the cybersecurity education level of your employees does not have to be overly expensive or difficult.

The magnitude of the issue can be seen from just a few numbers. The latest statistics available from the IBM X-Force Threat Intelligence Index show that inadvertent insider actions were responsible for more than two-thirds of all records compromised in 2017.

Kaspersky estimates the average cost of data breaches at $120,000 for small and medium-sized businesses, so it is clear that a lack of cybersecurity education is an expensive risk, and becoming more so.

Avoiding those inadvertent insider actions is largely a matter of knowing what those inadvertent actions are, and why they are taken. Educate employees about them, as well as what to do if they suspect a breach or risk of a breach, formulate effective policies, and establish good communication practices, and your cybersecurity stance can be significantly improved with the technology you already have.

What Employees Need To Know What To Look For

Identify the most likely security risks and threats each employee is likely to face, and explain the threat to them. Employees should know what they are, how they work, how to spot them, and what to do if (or when) they do.

Phishing is a common threat vector for businesses of all sizes and generally relies on an employee providing information or clicking a link to what they think is a trusted party, but is, in fact, a fraudster.

While phishing techniques are becoming more sophisticated, the general principles that guard employees and the businesses they work for against them are still the same.