Defending against cyberattacks in a disrupted world
To say that we’re living through a turbulent time would be an obvious understatement. Global disruption can force populations to rethink how they operate, especially when it comes to daily routines. Switches to remote working models and restricted movement can lead to increased online activity. Citizens will seek to connect with loved ones, continue work and access advice on the situation as it evolves. This change in daily human activities is combined with a relentless and distracting news cycle, financial pressures and general mood of uncertainty. The result is an environment within which cybercriminals will look to profit. For this reason, maintaining good cyber hygiene is as critical as ever.
A distracted population
Following any widespread disruption, cybercrime will inevitably increase as malicious actors take advantage of a distracted population. Individuals will perhaps lack their normal vigilance or in working remotely fail to maintain or manage systems as they normally would. In addition, enforced lockdown forces businesses to close, increasing their reliance on physical security systems to detect intruders on unoccupied premises.
New threats emerge and a multitude of tactics are implemented to coerce targets to click links, share personal details and even transfer money. In a recent example, shortly after the UK government issued a nationwide text message providing citizens with COVID-19 advice regarding restrictions to movement, spoof messages began to emerge demanding recipients to pay a fine for alleged misconduct. The World Health Organisation (WHO) has also recently warned of fraudulent emails sent by criminals posing as the WHO to request donations. The threats extended offline as well, where cybercriminals issued messages via mail order, urging users to visit malicious websites.
Historically, when societies face hardships, crime rates also tend to go up. Cybercrime is no different. When faced with disruptions such as movement restrictions and enforced lockdowns, cybercrime becomes a more attractive option for criminals who might otherwise commit physical crimes.
Maintaining a strong defence
Despite the global crisis, there must be a continued – if not heightened – emphasis on vigilance and good cybersecurity practices. This starts with increased awareness and monitoring of the rapidly evolving threat landscape, and enforcing strict policies and behaviors to keep valuable data safe. An effective approach is underscored by security education, where the broader population is taught about possible vulnerabilities, so that they can be addressed as early as possible.
There are other steps that people can take to avoid falling victim to opportunistic scams and to keep essential systems – such as video surveillance – secure:
- Businesses can implement mail filtering to help keep phishing lures out of inboxes, limiting employee exposure to malicious content. When online activity rises, phishing attacks also increase. These tactics attempt to trick users into clicking links or sharing sensitive data by impersonating legitimate companies or high-profile executives.
- Correspondence should be inspected for the tell-tale signs of a phishing email or ‘smishing’ (i.e. SMS-phishing) texts, such as poor spelling and grammar, urgent requests for personal information or money and requests to download documents. Any correspondence that raises suspicions should be reported immediately.
- When logging on to a network remotely, employees should utilise a Virtual Private Network (VPN). This enables them to send and receive data securely across shared or public networks.
- Make regular back-ups of important files and ensure that these are kept separate from the network. Multiple copies of backup files can also strengthen defences, especially in the face of a complex ransomware attack.
- Install security updates on all devices when these become available. Device manufacturers will issue updates for their software to help protect against the latest threats.
- Enable Multi-Factor Authentication (MFA), where multiple pieces of evidence are used to verify the identity of each user logging in to the network.
- For companies, ensure that password policies and security best practices are reinforced. Consider instituting regular training to keep employees abreast of new tactics and scams.
Defending against threats during times of disruption must remain a priority, particularly in the face of increased cybercriminal activity and people who are naturally distracted and concerned about the broader issues being faced. Best practices in cybersecurity, education and communication are always essential, and even more critical when facing global disruptions.
You can learn more about securing your video surveillance system here.