awareness week 2020
Have you considered your Cyber Security protocols since making the quick pivot to working from home?
We have noted an increase in malicious activity during this global pandemic. Hackers are using complex socially engineered techniques that target the human layer of your organisation – meaning that your people are at risk! Stay aware and check your cyber smarts – you need to make sure that you and your people consider cyber security whilst working from home.
David Hay, one of our Senior Security Consultants specialising in Cyber Security, has been keeping an eye on the cyber environment since the beginning of the COVID-19 pandemic. Along the way he has been sharing some simple but effective tips with us, listed below, to keep your organisation cyber smart.
1. PROTECT YOUR WIFI ROUTER
Just as we are reminded to change the batteries in our smoke alarms at the start of Daylight Saving Time, why not include changing the password to your WIFI router at the same time? Your internet connection provides you a way to interact with the wider world, but conversely, it also provides a direct channel into your computer.
David says: “Think of your internet connection as a source of entry into your home for a cyber-criminal. You wouldn’t leave your front door at home open if you knew there were criminals around. So don’t let them into your computer systems either – close the door by taking the time to change the default password setting on your WIFI or Router”.
2. SEPARATE WORK AND PERSONAL BUSINESS ON YOUR DEVICES
Undertaking personal business on a work computer carries significant risk. Our strong recommendation is to separate your work and personal online activities onto different devices, so that if one is compromised by a cyber-attack, your other system stands a better chance of not being compromised as well.
3. BE CAREFUL WHEN OPENING ATTACHMENTS OR FOLLOWING ANY LINKS IN EMAILS
This is particularly important when you don’t actually know the sender, or perhaps when the email is from a known organisation that you were not expecting communication from. Common scenarios include hackers posing as:
- A supplier asking for payment of a fictitious invoice;
- A client or someone you know asking you to follow a link for a seemingly logical reason;
- A trusted authority or institution (e.g. a delivery service or bank) asking for your immediate review of an ‘important attached document’; or
- A colleague (e.g. a senior manager) asking you to do an odd task that involves opening a document, following a link or buying something.
These emails and/or attachments will often have the logo of the organisation embedded and at first glance look almost 100% real. However, when studied closely they will usually have some sort of discrepancy, often in the sender’s address, which does not match that of the authentic person and/or organisation. Be vigilant, because the first impression is all they need for you to open on impulse.
4. DON’T FORGET OTHER OPEN CHANNELS
Reports of telephone and SMS scams are rife at this time. These scams can vary, but for example, a scammer may call you pretending to be from the Australian Tax Office (ATO), demanding payment before an arrest warrant is issued. Be sceptical of any calls and/or SMS along these lines and double check with the authority directly if you are unsure.
5. PUT PROTOCOLS IN PLACE FOR USING 3RD PARTY SOFTWARE LIKE ZOOM
ZOOM is a great way to stay connected right now, and many professionals are utilising ZOOM video conferencing in place of meeting face to face. There have been concerns raised about the security of these 3rd party applications; however, there are some pretty good native security measures in place that not a lot of people know about.
Visit this ZOOM blog to find out methods you can use to restrict and secure meetings, in order to manage unwanted or disruptive participants.
If you have any specific concerns about the Cyber Security of your information and data, we are available anytime to chat.