Daily Bulletin


The Conversation

  • Written by Craig Valli, Director of ECU Security Research Institute, Edith Cowan University
The Conversation

Apart from the obvious health and economic impacts, the coronavirus also presents a major opportunity for cybercriminals.

As staff across sectors and university students shift to working and studying from home, large organisations are at increased risk of being targeted. With defences down, companies should go the extra mile to protect their business networks and employees at such a precarious time.

Reports suggest hackers are already exploiting remote workers, luring them into online scams masquerading as important information related to the pandemic.

On Friday, the Australian Competition and Consumer Commission’s Scamwatch reported that since January 1 it had received 94 reports of coronavirus-related scams, and this figure could rise.

As COVID-19 causes a spike in telework, teleheath and online education, cybercriminals have fewer hurdles to jump in gaining access to networks.

High-speed access theft

The National Broadband Network’s infrastructure has afforded many Australians access to higher-speed internet, compared with DSL connections. Unfortunately this also gives cybercriminals high-speed access to Australian homes, letting them rapidly extract personal and financial details from victims.

The shift to working from home means many people are using home computers, instead of more secure corporate-supplied devices. This provides criminals relatively easy access to corporate documents, trade secrets and financial information.

Read more: What's your IT department's role in preventing a data breach?

Instead of attacking a corporation’s network, which would likely be secured with advanced cybersecurity countermeasures and tracking, they now simply have to locate and attack the employee’s home network. This means less chance of discovery.

Beware cryptolocker attacks

Cryptolocker-based attacks are an advanced cyberattack that can bypass many traditional countermeasures, including antivirus software. This is because they’re designed and built by advanced cybercriminals.

Most infections from a cryptolocker virus happen when people open unknown attachments, sent in malicious emails.

In some cases, the attack can be traced to nation state actors. One example is the infamous WannaCry cyberattack, which deployed malware (software designed to cause harm) that encrypted computers in more than 150 countries. The hackers, supposedly from North Korea, demanded cryptocurrency in exchange for unlocking them.

If an employee working from home accidentally activates cryptolocker malware while browsing the internet or reading an email, this could first take out the home network, then spread to the corporate network, and to other attached home networks.

This can happen if their device is connected to the workplace network via a Virtual Private Network (VPN). This makes the home device an extension of the corporate network, and the virus can bypass any advanced barriers the corporate network may have.

Read more: Hackers are now targeting councils and governments, threatening to leak citizen data

If devices are attached to a network that has been infected and not completely cleaned, the contaminant can rapidly spread again and again. In fact, a single device that isn’t cleaned properly can cause millions of dollars in damage. This happened during the 2016 Petya and NotPetya malware attack.

Encryption: not a cryptic concept

On the bright side, there are some steps organisations and employees can take to protect their digital assets from opportunistic criminal activity.

Encryption is a key weapon in this fight. This security method protects files and network communications by methodically “scrambling” the contents using an algorithm. The receiving party is given a key to unscramble, or “decrypt”, the information.

With remote work booming, encryption should be enabled for files on hard drives and USB sticks that contain sensitive information.

Enabling encryption on a Windows or Apple device is also simple. And don’t forget to backup your encryption keys when prompted onto a USB drive, and store them in a safe place such as a locked cabinet, or off site.

VPNs help close the loop

A VPN should be used at all times when connected to WiFi, even at home. This tool helps mask your online activity and location, by routing outgoing and incoming data through a secure “virtual tunnel” between your computer and the VPN server.

Existing WiFi access protocols (WEP, WPA, WPA2) are insecure when being used to transmit sensitive data. Without a VPN, cybercriminals can more easily intercept and retrieve data.

VPN is already functional in Windows and Apple devices. Most reputable antivirus internet protection suites incorporate them.

It’s also important that businesses and organisations encourage remote employees to use the best malware and antiviral protections on their home systems, even if this comes at the organisation’s expense.

Backup, backup, backup

People often backup their files on a home computer, personal phone or tablet. There is significant risk in doing this with corporate documents and sensitive digital files.

When working from home, sensitive material can be stored in a location unknown to the organisation. This could be a cloud location (such as iCloud, Google Cloud, or Dropbox), or via backup software the user owns or uses. Files stored in these locations may not protected under Australian laws.

Read more: How we can each fight cybercrime with smarter habits

Businesses choosing to save files on the cloud, on an external hard drive or on a home computer need to identify backup regimes that fit the risk profile of their business. Essentially, if you don’t allow files to be saved on a computer’s hard drive at work, and use the cloud exclusively, the same level of protection should apply when working from home.

Appropriate backups must observed by all remote workers, along with standard cybersecurity measures such as firewall, encryption, VPN and antivirus software. Only then can we rely on some level of protection at a time when cybercriminals are desperate to profit.

Authors: Craig Valli, Director of ECU Security Research Institute, Edith Cowan University

Read more https://theconversation.com/click-for-urgent-coronavirus-update-how-working-from-home-may-expose-us-to-cybercrime-133778

Writers Wanted

One quarter of Australian 11-12 year olds don't have the literacy and numeracy skills they need

arrow_forward

Step-by-Step Process of Filing Bankruptcy in Georgia

arrow_forward

The Conversation
INTERWEBS DIGITAL AGENCY

Politics

Prime Minister Interview with Kieran Gilbert, Sky News

KIERAN GILBERT: Kieran Gilbert here with you and the Prime Minister joins me. Prime Minister, thanks so much for your time.  PRIME MINISTER: G'day Kieran.  GILBERT: An assumption a vaccine is ...

Daily Bulletin - avatar Daily Bulletin

Did BLM Really Change the US Police Work?

The Black Lives Matter (BLM) movement has proven that the power of the state rests in the hands of the people it governs. Following the death of 46-year-old black American George Floyd in a case of ...

a Guest Writer - avatar a Guest Writer

Scott Morrison: the right man at the right time

Australia is not at war with another nation or ideology in August 2020 but the nation is in conflict. There are serious threats from China and there are many challenges flowing from the pandemic tha...

Greg Rogers - avatar Greg Rogers

Business News

AppDynamics Solves Visibility Gap Between Traditional Infrastructure and Cloud Environments

New Full Stack Observability Platform, Integration With Cisco Intersight Workload Optimizer and Cloud Native Visualisation Features Provide Cross Domain Insights and Analytics of Business Perfor...

Hotwire Global - avatar Hotwire Global

Why Your Small Business Should Bulk Buy Hand Sanitiser

As a small business owner, employee and customer safety is at the very top of your priority list. From risk assessments to health and safety officers, appropriate signage and proper briefing...

News Co - avatar News Co

How Phone Number Search In Sydney Can Help Your Business

To run a successful business, keeping track of your company and competitors are the major factors. With a lot of tools, available businesses have options to stay current. One way in which busine...

News Co - avatar News Co



News Co Media Group

Content & Technology Connecting Global Audiences

More Information - Less Opinion