Focus on what counts
Insights

Cybersecurity Awareness Is Critical During the COVID Crisis

March 20, 2020
view all archive

With each passing day, it is becoming more apparent that we will be living with the terrifying effects of COVID-19 for the foreseeable future. This virus has changed the world as we knew it, impacting every aspect of our lives, including the way that we work. Vast numbers of businesses have asked their employees to vacate the secure confines of their corporate IT environments and instead make home their workplace. The dangers of transitioning to an often less secure work setting is compounded by our need for information and willingness to support charitable causes, which has increased our susceptibility to opening emails we would normally avoid. This confluence of events has created a perfect storm for cybercriminals to take advantage of, with myriad misfortunes hiding behind the next wrong click.

Cyber criminals could provide a modicum of comfort if they would abandon their nefarious activities until normalcy returned. Unfortunately, the exact opposite scenario has unfolded, and cyber-attacks have spiked during the crisis, with attackers leveraging the chaos with lethal precision. From the moment the outbreak began, criminals have used COVID-19 emails as a spearhead for their spear phishing campaigns. Whether it is surreptitiously sending infected files purporting to be from the World Health Organization or rerouting clicks to spurious charity websites, the world’s deadly pandemic is a cyber-criminal’s windfall.

To help make our stressful lives less anxious, there are some strategies we can utilize to help avoid the pitfalls associated with cyber-attacks:

  • Pause before taking action when receiving any emails appealing for help or offering breaking news and if you are not absolutely sure the request is legitimate, take a moment to contact the sender by phone for verification

  • Be vigilant for any request asking you to click on a link, open an attachment, or reply with sensitive information and always ask yourself if you were expecting this email from this person at this time

  • In addition to email attacks (spear phishing), attackers may also use phone calls (vishing) or text messages (smishing) to deceive us, pretending to be a trusted source such as a member of IT in order to trick us into betraying sensitive information such as our passwords

  • If you are working on a home computer or loaner and not your usual company-assigned system, be sure that your antivirus, firewall and other security solutions are enabled and up to date

  • Connect to company resources using a secure network connection, and avoid free or unsecured Wi-Fi

  • Avoid using computers with out-of-date operating systems such as Windows 7, as they no longer receive security patches, making them more vulnerable to attack

  • Be sure to have the contact information for the person in charge of your company’s security in the event you experience an attack or need to report an incident

While the hope is that things will return to normal in the very near future, we need to remain vigilant until they do. By maintaining a focus on cybersecurity, whether we are working from our office or from home, we can greatly increase the chances of staying safe and secure.