Coronavirus: Keeping your systems safe during a vulnerable period

Article Submitted by Coubari Ltd. 

The progress of Coronavirus Covid-19 is changing every day, it is justifiably on everyone’s minds and is a major talking point in homes, offices and public spaces. Companies are hastening to put contingencies in place and deviate from their normal working practices to enable business to continue as normal via home-working and the like.

Beware: hackers profiting from distraction
It is probably quite depressing to acknowledge that people will look to profit from Coronavirus via unscrupulous means and none more so than hackers, fraudsters and scammers. It is always important to be vigilant over email and internet security during normal business, but I strongly urge that individuals and companies take absolutely nothing for granted and are extra careful during this period.

Fraudsters will identify Coronavirus and its priority on the business agenda as a distraction for people and will take any opportunities available to get onto systems. They will appreciate that more staff will be working from home and therefore likely to access their online work spaces via potentially insecure connections. They understand that staff picking up the workload for absent or poorly colleagues may well be managing their colleagues’ mailbox with its unfamiliar contacts. Should we get to a stage where home delivery services are interrupted, they will understand that people, pre-occupied with current concerns and a slightly different workload from normal, will lose track of online purchases and click on links for deliveries they are not actually expecting. These are just a few examples of standard hacker tactics but here they are capitalising on individuals and businesses being distracted and particularly stretched and therefore particularly susceptible.

Vulnerable businesses and demands on IT services
They will also take full advantage of the knowledge that IT support staff stretched and constrained by the sheer demand for an immediate change to normal IT support structures and service provision, and possibly their own drop in staffing levels, may not be able to respond to security breaches, ransomware, password phishing and system security updates and mitigate them with the same speed and gusto as normal. Especially if there are multiple attacks in a short space of time. Time can be lost and financial pressures can be increased right at a time when businesses are vulnerable and struggling to cope with staff numbers that may be far lower than usual

Exercise caution at the most basic level
• Coubari policy is for client staff working remotely only to do so via a client-issued device which complies with Coubari IT security measures.

• Please, check the bank details on invoices you are about to pay; check who the sender is and if there is any doubt as to the identity of the person at the other end then telephone them using the number you already have for them in your systems. Homeworkers may well be using their own phones for contact and verification processes, but so will fraudsters.

• Do *not* blindly open links sent to you by friends, colleagues and contacts; the few moments it will take you to verify directly with the sender that it is legit is nothing compared with the potential for financial losses if it is not.

• Bear in mind that certain file types – particularly larger ones – will be slower to work with for homeworkers. This will be particularly noticeable for those who are unused to working remotely. If you need to save items on your C: drive to speed things up, be sure to upload them back onto the network at the end of your working day because to leave things on your hard drive means if your laptop is stolen then your work goes with it. If you are working on a file accessed by someone else, manually check your upload won’t over-write their changes.

None of this is to say that if these steps are taken then security threats will be eliminated, no IT professional can ever say that at any time – hackers work on a cost-benefit basis and work day and night on new methods of getting on to a system – but threats can be significantly reduced by caution being exercised at all times, particularly through this period of uncertainty.