Cybersecurity firms agree that remote work will continue to be an ideal scenario for Internet criminals. Learn what the most common threats will be.
Despite the fact that the world celebrates the great advances that science has made to develop vaccines against COVID-19, there is still no certainty when it will be possible to return to certain spaces normally, such as offices.
In fact, many companies have contemplated continuing remote work in 2021. This is why workers will have to worry, more than ever, about keeping their digital spaces protected from cyberattacks. What will be the main threats?
Cybersecurity firms as AppGate and Lumu Technologies, agree that the ransomware will remain a headache next year, especially for small businesses.
This is a malicious software program that can lock computers or encrypt important files and displays messages that require money to restore them to function. It can be included in misleading links within emails, for example.
“Covid-19 will be present for a long period and this will lead to organizations having to access their resources in the cloud, which will critically expose those who do not have sufficient cybersecurity measures,” Applegate’s predictions indicate.
The firms assure that phishing will also be a persistent problem. This consists of the impersonation of an organization to request sensitive data, such as banking information or passwords.
Applegate, they believe that mass phishing campaigns directed towards end-users will be more common, as cybercriminals will have analyzed more habits and interests of people on different online platforms and with this information, they will be able to attract and engage users more effectively. The firm also believes that information related to COVID-19 will be used to launch email attacks.
Along these lines, Lumu also warns that there may be an abundance of false alerts that will incorporate malware, as it indicates that low-quality alerts have been a constant weakness in terms of cybersecurity.
Likewise, it indicates that with the rebirth of the QR code as a result of COVID-19 there is a new gateway for malicious software. Today, this tool is used for daily actions, such as completing a survey, viewing a menu at a restaurant, or paying a bill. “An attacker only needs to stick his own QR code on any of these to easily infect hundreds of devices,” says Lumu.
Finally, the experts warned that with the reduction of restrictions, many workers who return to the offices will be able to return potentially infected equipment. According to Lumu, cybercriminals who have had access to these devices will have “a perfect opportunity to make lateral movements and compromise fundamental systems”, so he says that it is convenient that companies pay special attention to the protection of this equipment.
What to do?
To minimize the risks of infection of these computers, other cybersecurity companies such as Kaspersky have suggested protecting home devices that handle corporate data with antivirus solutions, since they do not have the security measures that office computers do. The company even suggests installing a free antivirus.
Other protection measures include constantly updating programs and operating systems so as not to leave cracks in which cybercriminals can infiltrate. In that sense, it is also advisable to configure encryption on home WiFi networks and establish strong passwords.
For those who must work in public places, such as coffee shops, Kaspersky recommends using a VPN or virtual private network, which provides online privacy, access to content from around the world, and safe browsing. “Public WiFi networks are often unencrypted, and even if they are, anyone can get the password,” he warned.
Finally, experts agree on the importance of using the corporate services that the company has hired – such as Microsoft Office 365 or Slack – to exchange company information, and insist that users be alert to malicious messages that may sneak into the mail electronically.
They recommend reading messages carefully, checking that the senders are who they say they are, and distrusting email messages with links. In case a page indicates a link similar to that of a known company or service, they suggest typing the address in the browser to enter from there.