Remote Workforces Pose Higher Risk for Cyberattacks During COVID-19 Pandemic
Share this article:
Right now, New York, along with many other states are under a strict “stay at home” mandate due to the rapid increase of COVID-19 cases. As a result, many people are now working from home. While working from home can help curb the spread of the virus, it unfortunately, increases many business’ risk for cyberattacks. Although some employers may have experimented with remote working in the past, the vast majority are scrambling to make it work for the first time and may be unknowingly putting themselves at risk for cybersecurity attacks.
Some potential cybersecurity risks to your business include phishing emails asking for donations for fake charities or asking individuals to share personal information for epidemiological studies. The websites of the World Health Organization (WHO), the Centers for Disease Control and Prevention (CDC) and John Hopkins Medicine (JHM) have all been hacked by cybercriminals during the pandemic. In some instances, criminals spoofed websites to carry out computer virus deployment schemes. Other methods used by cybercriminals include using scare tactics as a lure to encourage people to open malicious emails, potentially compromising network security with malware that can steal the user’s browsing history, IDs, passwords and other personal information.
As a business owner, it’s important to act now on securing your company’s networks, devices and systems from potential cyberattacks. Below are some key considerations for your remote workforce in an effort to close loopholes and prevent a devastating cyberattack on your company.
- Ensure employees can access their computer using a virtual private network with multifactor authentication.
- Whitelist IP addresses that are allowed to connect via RDP.
- Make sure that unique credentials for remote access are in place – particularly for vendors.
- Force regularly scheduled password resets, preventing recycled passwords.
- Train employees to recognize and report suspicious email traffic.
- Patch systems. Allow automatic patching of the operating system and internet browsers. Stay on top of anti-virus software updates to detect new emerging threats that can go unnoticed in a system if the anti-virus program is out of date.
- Apply web filtering. Ransomware infections can occur through malicious websites or malicious ads hosted on legitimate business websites that will redirect a user to a bad site. Apply filtering at the network and endpoint level that blocks connections to known-malicious sites.
It’s always a good idea to have a rapid response plan, including a list of technology, cybersecurity and legal professionals that can assist you to recover in case of a cybersecurity breach. And of course, cybersecurity insurance is important and recommended, as it helps a business recover from a security breach or other cyber event. The team at Rose & Kiernan, Inc. can help assist you in finding a cybersecurity insurance policy to help protect your business. We can also help refer you to resources who can help you prepare a remote workforce police.
Rose & Kiernan, Inc. will continue to monitor and advise on the coronavirus (COVID-19) and its impact on businesses and the workplace. Any further questions on cybersecurity risk management, please contact us here or by calling (800) 242-4433.
Please note that news and events surrounding the COVID-19 pandemic are changing quickly. The information provided in this blog post represents where things stand on the date of publication.
