“Small and medium-sized businesses are big targets for cybercriminals,” says Steven J.J. Weisman, a scam, identity theft, and cybersecurity expert.
The latest situation with Covid-19 and the ongoing crisis has changed the way businesses act and forced them to reshape everyday processes to correspond with the current reality. Most of the companies have switched to remote work and are now massively relying on technologies and digital tools to help them with adaptation. However, despite being innovative and helpful, digitalization comes at a cost. The more advanced it is, the bigger the risk of a cyber-attack.
An example of hackers using COVID-19 messages in cyber-attacks shared on twitter by Scamicide.
Scam of the day – April 28, 2020 – Phony Coronavirus Text Message https://t.co/RtzWU3li5R pic.twitter.com/5QBW0h7sSY
— Scamicide [dot] com (@Scamicide) April 27, 2020
As we (Techlurn) interviewed over 60+ cybersecurity professionals, small and medium business (SMB) owners through the email, requested to share their experiences and tactics on protecting their businesses against increasing cyber-attacks in post COVID era. The results were pretty surprising and they all have a common strategy by the end of the day to close the doors for hackers and intruders to sneak on.
Though, the question was pretty straight-forwarded, 2 of them as follows:
Question #1: What are the key cyber-security measures that small and medium businesses must focus on to counter the increasing cyber-attacks post-COVID-19?
Question #2: What are the best practices for employees who are working remotely/working from homes to ensure confidential data breaches and cyber-security?
And, we requested them to share their favorite & practical strategies which they are currently implementing along with their experiences if any.
Here are the expert answers for our above-mentioned questions to ensure the confidentiality of data and maximize cyber-security:
Steven J.J. Weisman
A lawyer, college professor who teaches White Collar Crime at Bentley University, and founder of scamicide.com.
Question #1: What are the key cyber-security measures that small and medium businesses must focus on to counter the increasing cyber-attacks post-COVID-19?
Answer: Since most hacks and data breaches start with spear-phishing emails where employees are lured into clicking on links and downloading malware such as ransomware or keystroke-logging malware, TRAINING EMPLOYEES TO RECOGNIZE PHISHING EMAILS IS CRUCIAL. Good security software that is regularly updated is important, but the best security software will always be at least a month behind the latest zero-day defects, which are previously undiscovered software vulnerabilities. The use of strong passwords, security questions, and dual-factor authentication is also important as is encryption and backing up all data daily in order to avoid problems with ransomware.
Question #2: What are the best practices for employees who are working remotely/working from homes to ensure confidential data breaches and cyber-security?
Answer: In regard to employees working at home, they should use company approved security software and preferably a company laptop rather than their own computer. They also should use a Virtual Private Network (VPN) and dual-factor authentication. They should also be cognizant of the threat of phishing and spear phishing.
Cyber-security consultant and regular columnist for InfoSec Insights.
Question #1: What are the key cyber-security measures that small and medium businesses must focus on to counter the increasing cyber-attacks post-COVID-19?
Answer: Create backups on third-party platforms because, despite our best efforts, no system can be 100% secure, and backups may be your most effective contingency plan in the event of a successful breach.
Invest in the right technology and implement necessary security solutions to secure your network. Only allow connections to the business network over an enterprise-level VPN that uses multi-factor authentication. If there is a tight security budget, considering equally good open-source solutions is also an option for small ventures. Additionally, endpoint security is especially critical now that most of the workforce is connecting remotely.
Install updates regularly for all your software, including the OS. Some organizations push incremental updates to connected devices to avoid disruptions due to unstable releases. At the same time, it is crucial to patch any security vulnerabilities without any delays. Educate and train your staff on security best practices via mandatory workshops because security is a shared responsibility, and even an intern could unknowingly cause a data breach. Phishing scams and COVID related social engineering attacks are on the rise, with 94% malware being delivered via email. Training your staff to recognize and respond to security threats will reduce the chances of a breach.
Question #2: What are the best practices for employees who are working remotely/working from homes to ensure confidential data breaches and cyber-security?
Answer: Change default or easily guessable passwords on all your network devices (like your router) and accounts (emails, other work-related platforms, etc.). Use unique passphrases (not passwords) across all accounts and enable multi-factor authentication (avoid using SMS as any of the factors). Make use of a password manager because utilizing one is a much better idea than reusing passwords across multiple accounts.
Be mindful of data security because most organizations and their respective clients are meticulous about maintaining confidentiality. While working from your home office, simple measures like locking your screen when stepping away, unplugging or disabling voice assistants during meetings, and so on can decrease the chances of any accidental disclosure of business data.
IT Trainer at CBT Nuggets.
Question #1: What are the key cyber-security measures that small and medium businesses must focus on to counter the increasing cyber-attacks post-COVID-19?
Answer: First, it is important to understand that many of these newer threats take advantage of fears by providing free information or solutions to tracking COVID, but that includes Trojans and ransomware. These solutions may appear to be valid office documents but contain malicious macros. Others are in the form of toolbars/add-ons for browsers, or whole apps for mobile devices. Increasing quantities of emails include links to sites that are spoofing valid medical or news information. Prevention begins with having an up-to-date firewall and intrusion detection tools, to prevent compromised systems from using the network maliciously. To prevent intrusion in the first place, however, reduce or remove local administrative privileges to install software onto company devices and run posture assessment against any systems that access the corporate network.
Question #2: What are the best practices for employees who are working remotely/working from homes to ensure confidential data breaches and cyber-security?
Answer: The first step is for security administrators to have clearly defined policies on how and what data can be stored on a remote device, and keeping it as limited as possible. Policies should identify which types of secure access (such as VPNs) are available for employees to connect to business networks, and ensure that all access is made using these secure channels. Policies should also establish if and what types of software or documents can be downloaded or opened as attachments from internet sources, such as email. Then, EMPLOYEES NEED TO BE EDUCATED on these policies, with a firm understanding of the overwhelming cost that potentially could come to a company if they are not followed correctly.
CEO of Expense Reduction Group shared his experience with us.
“The increase in cyber attacks has concerned me and my organization a lot. We’ve had multiple incidences where hackers attempted infiltrating our systems and accounts during this pandemic period. We’ve noticed an increase in phishing scams related to real estate. Most scammers are taking advantage of this period when people are vulnerable and depressed. For instance, they send emails to homebuyers representing as a supposed real estate agent or worse, legal representative instructing the unsuspecting reader to immediately wire funds to reserve the property or close the deal.”
“By ensuring cybersecurity program in our organization, which includes guidelines on hardware and software security, personnel management and conduct, we’ve been able to mitigate the impact of cyber attacks that would have cost us thousands of dollars in terms of identity theft and lost private data. Normally, our human resource, IT department and executive board review these policies to prevent any attempts at infiltrating our system. Employees are important in disseminating policy awareness to ensure that compliance organization-wide is observed. In addition, we’ve hired the services of a firm that can demonstrate a cyber kill chain process to obstruct the further progression of attacks at each stage.”
Key takeaways of the interviews, which is held with over 60+ security expert and SMB owners:
1. Hardening business infrastructure security:
While many may think sophisticated and robust tools are the best line of defense against cyberattacks, it is often the basic fundamentals of cybersecurity that prove to be most successful. Advanced threat protection, anti-malware, external vulnerability scans, etc. are still useful and necessary, but in many cases, it is the absence of more basic safeguards that lead to compromise. Our response team constantly uncovers indicators of compromise and oftentimes the effective use of fundamental cybersecurity practices could have prevented the attacks” says Christopher Gerg, CISO & VP of Tetra Defense – digital forensics lab and incident response firm.
Embrace a cloud collaboration platform. To further help employees avoid using non-compliant ways to collaborate, give them a collaboration tool you do authorize. Tools such as Google Drive, Box, Citrix ShareFile, Microsoft SharePoint, Microsoft OneDrive, etc. can empower employees to be more productive while ensuring you can apply proper protection and policy control to remain secure.
2. Being up-to-date with software & Business applications:
“Businesses must pay particular attention to the security of employees’ devices by delivering regular security updates in a centralized manner as well as by providing recommendations on personal devices’ settings and security upgrades,” said Ivan Kot.
“Enable remote patching and policy control. As users work from home, be sure that their systems can securely communicate with your corporate infrastructure to receive the latest policies, patches, and updates. It only takes one device that hasn’t been patched to let a breach into your network,” says Daniel Martin, vCISO at Veristor – an IT solution provider.
3. Access control and monitoring:
“Managing and monitoring remote working employees including cyber-security risk management. Creating and implementing network and resource access control policies will help in securing valuable business and customer data from cybercriminals”, says Digiguard’s senior technician – Harvey Yan.
With all the needed resources, managed access, and monitored activity, businesses will manifest risks and secure critical assets.
4. Clean up user accounts:
Now is the time to prune out any non-active accounts. Disable accounts for former employees or contractors and be sure that your existing users have been assigned appropriate roles with the least privileges they need to get their job done.
5. Training employees on cyber-security:
Yeah, almost everyone we interviewed is agreed with this particular one and suggested: “businesses must focus on providing their EMPLOYEES WITH PROPER CYBERSECURITY TRAINING.”
“In order to eliminate any potential risks, leaders should take a systematic approach to business transformation and its security in particular, by conducting employee awareness training to avoid insider threats,” says Maria Saigatova from Blast Sourcing.
6. Be cautious with BYOD policy:
especially in a bring-your-own-device (BYOD) scenario. Mitigate ransomware by limiting local storage of data to devices, backing up data regularly, and pre-encrypting data, before a threat actor does it to remove access to your data will help in critical situations.
7. Incorporating secure communication methods:
All the personal information should be shared in secured chats or through business communication platforms and never in social media. The amount of information that can be withdrawn from the messengers, people use daily is frightening.
8. Implementing regular Backups:
“One of the most important cyber-security measures small and medium businesses must focus on is back-ups. Especially with remote working accommodations being so widespread, more workers have their company laptops at home. This is especially important in a time when ransomware is taking down entire departments.” says Randolph Morris, founder of BIT Developers.
We also surveyed many IT-employees who are working from their home, “What if your hard disk fails right now? Over 80% of people stated, “it would be the worst and a lot of critical files that could not be reproduced with any reasonableness.” Unfortunately, only a few of them claimed they have backups and remote server synchronization.
9. Strong passphrases and Two-factor authentication
“With the global shift to remote work, SMEs had to rethink their cybersecurity strategies and make endpoint protection one of their key enterprise cybersecurity aspects. Since employees use corporate resources remotely, cybersecurity teams need to strengthen user authentication, access policies, and introduce additional verification steps (two-factor authentication) to prevent unauthorized penetration.” Ivan Kot, senior manager at Itransition shares his opinion.
10. Utilizing VPNs:
Home internet connections are the least secure networks, could possibly allow hackers to take down your entire office network.
“For those working from home, the best way to ensure confidential data breaches and cyber-security is by using a VPN. Businesses should provide secure VPN access to their remote employees those working from home to protect the transfer of sensitive data” says Mark Rapley, Director at KWIC Internet.
Final words:
Covid-19 is reshaping the business’s infrastructure, forcing people to adapt, while hackers are targeting this massive dependence on digitalization. Companies that plan to focus on the “back-to-normal” working model will waste their time, effort, and, what is more important, money. It is vital to react and start transforming to establish a new way of doing business, paying extra attention to security measures, and RAISING EMPLOYEE AWARENESS. The pandemic is not really an evil fate but an opportunity to establish a new work model and adopt resilient and safe business operations and processes.
Thanks for reading. Let us know your thoughts in the comments. Please like and follow us on social media for regular updates.