As if the coronavirus were not enough to worry about, we now have another concern that it is causing: It is increasing the chances that cyber criminals can target the teams we work with from home.
Why is this happening? This blog also has an article that explains why the majority of Spanish companies were not ready to implement teleworking prior to the crisis. According to Eurostat, only 4 percent of Spanish workers typically worked outside of the office. Companies that were able to implement it quickly have been the ones who have. There is a possibility that protection measures may not have been established. These would have been more stringent and more easily adapted to private homes if time was allowed.
Cybercriminals took advantage of the slower adaption of the facilities to try and act at any point of weakness in cyber protection. The National Cryptological Center (CCN) has warned the public that cybercriminals are increasing their activity in ransomware, phishing, remote code execution, and information exfiltration.
We can also refer to the CCN document Security recommendations for Teleworking Situations and Surveillance Reinforcement. This provides technical solutions for remote workers and secure ways to manage email at home. These are the best options to hold virtual meetings.
The National Intelligence Center, (CNI) is more focused on professionals in Information Technology Departments and makes the following recommendations for teleworkers.
First, make sure your operating system is up-to-date.
You should exercise extreme caution if you connect to your computer remotely. Use trusted VPN whenever you can.
Avoid intrusions when you host remote meetings. You should ensure that only the scheduled users have access to the meeting, and that they use a password.
Use the VPN service provided by your company to access the internet together. It is essential to create a second factor of authentication.
Do not open emails from government agencies about Covid-19. Your email account will not be able to receive any official information.
As a general rule, you should enable file extensions to prevent the execution of malicious code. Check the file extension before opening it (.docx.pdf..xlsx. ) and make sure it doesn’t contain any unusual patterns (.exe.,.vbs.ps1,.jar,.cpl.,.cmd… etc. .
Finally, when was the last time you did not have a backup? You must keep regular backups. This preventive measure will help reduce the potential impact of any incidents.
These are rules we all need to follow when using equipment that is connected to our home networks. If telecommuters who work from home, or temporarily, can consider and follow this advice, it will help us to compare the protection we provide for our equipment with those we use in the workplace.