Cybersecurity in the Age of COVID-19: Is Your Company at Risk?

The coronavirus pandemic has changed the way we live and work, and not always for the better. Businesses have scrambled to keep their operations running, in many cases letting cybersecurity concerns fall by the wayside. While this is understandable, it has also created a new breeding ground for computer criminals. According to a survey by Kaspersky ,Namibia ranks third in the world when it comes malware attacks, 2.9% of malware attacks globally are targeted towards Namibian banking sector since the beginning of the pandemic.

According to a survey by Kaspersky ,Namibia ranks third in the world when it comes malware attacks, 2.9% of malware attacks globally are targeted towards Namibian banking sector since the beginning of the pandemic.

The Rise of Remote Work

Due to lockdowns and stay-at-home orders around the world, an unprecedented amount of the labour force has shifted to remote work arrangements. Workers’ devices may contain sensitive data or connect to company networks while falling outside of the traditional network security perimeter. This can lead to data loss, or even full-scale breaches when those endpoints are used to penetrate further into company networks. Businesses also increasingly rely on outside platforms, such as cloud services and collaboration tools like Zoom, which bring their own risks.

COVID-Related Phishing Scams

It’s an old story at this point: Criminals send out emails pretending to come from a trusted source, with the intention of luring the victim into clicking a malicious link, downloading malware, or giving away sensitive information.

While this is an established threat type by now, the pandemic has created new opportunities for scammers. There has been a huge rise in phishing emails related to COVID-19. The fraudulent messages frequently claim to contain important health information about the virus and may impersonate the WHO or other agencies.

How to Stay Safe

The threat landscape is changing, but so are the tools of cybersecurity. Let’s go over some of the ways you can mitigate these risks.

Secure Your Infrastructure

• Servers should be kept up to date with the latest patches and backed up regularly.
• Network architecture should follow cybersecurity best practices, such as effective use of firewalls and demilitarized zones (DMZ).
• Isolate Internet-facing services like web servers from critical resources.
• With more employees working remotely, virtual private network (VPN) software can be used for secure remote connections and file sharing.
• Penetration tests help ensure continued protection. Schedule one today.

Secure Employee Devices

Workers’ devices are becoming a major part of the new security perimeter, so they demand special attention.

• Install modern endpoint security software with sophisticated detection algorithms and centralized monitoring features.
• Use multi-factor authentication.
• Instead of a lax “bring your own device” (BYOD) policy, it might more be prudent to provide company devices with built-in security controls.
• If you use Windows, have you considered changing to a less hacker-prone alternative? Malwarebytes found that dangerous traditional malware such as trojans and ransomware make up less than 1% of Mac malware threats, but more than 27% of Windows threats. 

Employee Education

It’s essential that all workers understand the risks they face. Phishing is particularly important since it is involved in at least 70% of cyberattacks. Workers should be aware of the most common types:

• Fake invoices that seem to come from legitimate businesses
• Fake salary or bonus information meant to exploit victims’ self-interest
• “Urgent” warnings about viruses or malware
• COVID-related scams claiming to have information about vaccines or government financial assistance to bait users into clicking malicious links
• Petty gift card scams, commonly involving Apple’s App Store or iTunes
• Spear phishing: Scams that involve significant research about their victims in order to convincingly impersonate colleagues, managers, or trusted business partners

Employees should learn to recognize the warning signs and avoid clicking strange links or downloading unknown attachments. They should also be briefed on the proper use of work-related devices and handling of important data.

Get Expert Help

CIMS Namibia can help your business and its evolving technologies stay secure. Regular security audits are indispensable for making sure your system’s defenses are up to the job. We also offer disaster recovery planning, a crucial safeguard in uncertain times. Get in touch today and we can build a strategy tailored to your company’s unique needs.