The Covid-19 pandemic has had huge impacts on our everyday lifestyles. This includes the way we work.
Social distancing and lockdown measures have forced most businesses to close down their offices for the foreseeable future. However, the risk of cyber-threat is still very prevalent.
The risks of home-working
With more people than ever working from home, new and untested remote-working strategies have opened up a host of new channels for cyber-attackers.
Unsecured data sharing, dodgy internet connections and an increase in online communications all put companies at greater risk. However, businesses must also consider the physical and mental stress being put on their employees. Vigilance toward online scams and phishing must be expected to lessen as employees adapt to working outside an office environment.
So, what are the most common risks that you and your employees need to watch out for?
Ransomware is a type of malicious software that stops you accessing your computer, data or systems. Victims are usually asked to make some sort of payment in order to regain access to their system. Hence the name, ‘ransom-ware’.
Police have already warned that ransomware scams are on the rise. Now is the time to encourage employees to back up files and business data, so they can always be recovered from another machine.
Over 181.5 million ransomware attacks were reported in the first six months of 2018. This marks a 229% rise since the same point in 2017.
One of the most common tactics used by cyber criminals is through email.
Phishing emails are disguised to look like a contact or reputable source, tempting the victim to click on a link or download an encrypted attachment. Fraudsters may also make false requests for payments, asking victims to make transfers via a link, giving them access to the business’ financial details.
The National Fraud Intelligence Bureau (NFIB) reported a new trend in fraud related to Coronavirus, or COVID-19, with related fraud reports increasing by 400% in March.
Businesses are also being warned that cyber criminals might exploit the coronavirus outbreak, sending out phishing emails that claim to have important updates or impersonating trustworthy organisations with requests for charitable donations.
World Health Organization (WHO) have had so many imposters claiming donations on their behalf, that they have issued a warning on their website. The statement makes clear that WHO will:
- never ask for your username or password to access safety information
- never email attachments you didn’t ask for
- never ask you to visit a link outside of www.who.int
- never charge money to apply for a job, register for a conference, or reserve a hotel
- never conduct lotteries or offer prizes, grants, certificates or funding via email.
Phishing emails were the most common cyber-security threat in 2019, accounting for 80% of attacks on businesses, and 81% on charities.
Making home-working secure
Here are some active measures that you and your employees can take to help protect against cyber-crime:
- Reset the Wi-Fi code: change default passwords on your home Wi-Fi router to prevent hackers accessing your network
- Use stronger passwords: strong and unique passwords should be created for every account and device. You should also consider using two-factor authentication (2FA). This would require cyber criminals to provide a second piece of information to access your files
- Protect your devices: software updates contain vital security patches that keep devices operating securely
- Share files safely: only use company-approved software to share and transfer files. Employees should also refrain from linking personal email or social networking to company devices
- Watch out for scam emails: never click on links or attachments in emails from unknown sources, and never respond to messages asking you to disclose personal or financial details over phone or email.
Use our Cyber-Security Handbook to find out more about cyber risks and for further help creating a resilience strategy.
Does your business insurance cover home working?
If the wording in your business insurance policy does not outline cover for home-workers, it is important to contact your insurer to discuss amending your cover.
In 2019, the average cost of a data breach was £4,180 per cyber-attack. This was significantly higher for medium and large businesses, who could expect losses of £9,270 and £22,700 respectively.
Falling victim to a cyber-attack can be expensive in both loss and recovery. Make sure your business has the right cover to protect against the increased risk of cyber-crime during the coronavirus outbreak.
If you have fallen victim to cyber-crime, call Action Fraud on 0300 123 2040, or visit their website.