Protect Your Organization From COVID-19 Cyberthreats

By BDO Digital| April 07, 2020
The spread of COVID-19 has pushed many organizations to adopt remote work policies. This influx in remote work has created a gap in cybersecurity standards and it’s becoming a growing concern. Cybercriminals are exploiting COVID-19 to target organizations and individuals.
 

How Cybercriminals Are Exploiting COVID-19

According to WeForum, the global pandemic has led to the creation of more than 100,000 new COVID-19 web domains, many of which are malicious or suspicious.

Cybercriminals are taking advantage of our need for information when working remotely. Attackers are sending COVID-19 themed phishing emails, that claims to have official information on the virus, to lure individuals to click on malicious links that downloads remote access trojans (RATs) on their devices. Cyber-attacks are occurring during video conferencing as well. Applications like Zoom are being targeted. Attackers are joining calls, copying information, and sharing unsettling images to users.

Attackers are also taking advantage of the remote work environments. Many users working from home have not applied the same level of security standards on their personal networks, in comparison to their corporate environment. Cybercriminals are hacking into personal networks and attempting to steal data from open devices. These cyber-attacks are nothing new, but the shift to remote work environments is allowing the attackers to easily enter new territory. There is no sure end to remote work and cyber-attacks are not stopping, so how will you protect your employees, data, and organization from these criminals? 


How to Protect Your Remote Workforce from Cyberattacks

Here are some ways you can protect your organization and all those involved:

 
  1. Create an organizational culture of cybersecurity: Business leaders should work with IT and security teams to identify the likely attack vectors as a result of more employees working from home and discuss ways to protect the most sensitive and business-critical information. Ensure that the C-suite and IT team promote and support all employees practicing effective cybersecurity policies and processes.

  2. Inform your employees: Periodic reminders of good password hygiene and being wary of phishing attacks will keep employees engaged and secure during these critical times.

  3. Secure your conference calls: When hosting conference calls, make sure the call is secure and limit the number of attendees. Check-in with software providers to see what protocols they have in place and what adjustments need to be made.

  4. Incorporate the right tools: Intelligent tools in Microsoft 365 and Windows Defender ATP can harden your defense; automatically alerting and responding to suspicious behaviors to keep your organization secure.