Cybersecurity best practices critical as attacks spike

9th April 2020 By: Schalk Burger - Creamer Media Senior Deputy Editor

Companies should ensure that employees follow cybersecurity best practices as cybercriminals try to exploit the Covid-19 crisis and penetrate corporate defences via unsecured home networks, says Stellenbosch University Business School digital transformation senior lecturer Dr Martin Butler.

South Africa experienced a ten-fold spike in network attacks in mid-March when much of the country moved to working from home. Compromised credentials are responsible for over 80% of breaches, and brute-force attacks - cybercriminals attempting various password combinations to gain access to corporate systems via individual user accounts - remain high.

With most work-from-home employees using online collaboration and video conferencing software, Butler warns that some of these systems are not yet integrated into corporate single-sign-on systems or thoroughly tested and embedded in safe remote environments.

"Unprecedented digital dependency has created unprecedented vulnerability, and an increase in malicious attempts to exploit the mass shift to online platforms for remote working. Companies should ensure that the 'digital equivalent of handwashing, face masks, physical distancing and decontamination' is being implemented by their now-remote workforce," he advises.

Businesses need to implement encrypted communication such as virtual private networks (VPNs), but must also recognise that applying company policies to a corporate laptop is not sufficient when that laptop shares a home network with multiple other devices, such as mobile phones, he emphasises.

While highly secure corporate networks should be able to prohibit or at least identify unauthorised activities to ensure that data assets remain protected and services are uninterrupted, home-based WiFi networks and fourth-generation connections do not have the benefit of corporate security policies and technologies.

“Although it is in principle possible to secure these distributed onramps to the Internet that have become central in the work-from-home context, protecting them is now the responsibility of each individual user and not the corporate information technology (IT) department – and therein lies the danger,” Butler says.

Where corporate IT policies on using company assets off-site had been focused on physically securing devices - and losing a device was a nuisance - losing control over a device in the current environment, and thus enabling remote access to company systems and data, could be disastrous, he highlights.

He advises using secure, complex passwords and changing them frequently, not replying to or clicking on links in phishing emails or messages and being on the alert for Covid-19 scam emails.

Employees should also ignore and delete WhatsApp messages with unknown links, especially from unknown senders, and take extreme care when connecting to unsecured networks.

Stellenbosch University Business School future studies PhD graduate Dr Rianne van Vuuren advises that IT managers promote cybersecurity by ensuring that a full-service Internet security suite is used by all employees.

They must also ensure that all software is updated regularly, which could save a company from the significant future losses that would follow if vulnerabilities in outdated software were exploited by cybercriminals.

"IT managers must keep up to date on major cybersecurity breaches in order to proactively ensure that potential vulnerabilities in their networks are secured. Developing a risk model as well as a disaster recovery plan with the necessary backups would be a lifesaver in case of catastrophe," states Van Vuuren.

Cybercriminals can attack devices on unsecured home networks, most of which run outdated software or insecure hardware, or exploit employees who are using relatively new systems at the extreme of their comfort levels.

“For cybercriminals it is the perfect time to get a malware link to the anxious, and not very tech-savvy, end-user wanting to know the latest Covid-19 news and information. One ill-informed action may be all that is required for ransomware to penetrate corporate defences from remote locations,” Butler points out.