Following the Swiss Confederation's announcement of semi-confinement on March 16 due to the health situation, telecommuting proved to be the best business continuity solution for many companies.

It is also an ideal and profitable setting for hackers, especially when it comes to the proliferation of malicious cyber acts and scams of all kinds.

Let’s take stock.

Teleworking and cyberthreats

Some companies had the opportunity to move their teams to teleworking quickly. Others had no choice and did their best to achieve it.
For the majority of them, the implementation of this telecommuting system is not always well mastered and, above all, not always secure.
The consequence is a considerable increase in security risks for the companies and organizations that use it.

These risks can endanger the business of these companies in the face of cybercrime, which is redoubling its efforts to take advantage of this new opportunity: the current health crisis.

FINMA indicated in its press release of March 19 that, “in the current coronavirus situation, there has been an upsurge in fraudulent e-mails in the form of phishing. Cybercriminals are trying to take advantage of the prevailing insecurity and impersonate various senders in order to send malware.”

This finding is confirmed in the Europol report of 03/27/2020, which describes how criminals are exploiting the current health crisis, not just in the online world.

The main risks of cyber-attacks


As teleworking intensifies, cybercriminals are trying to take advantage of the potential disorganization and confusion of companies and organizations, and the resulting dematerialization of procedures, to step up their attacks.

The main risks are as follows:

Phishing

These are messages (email, SMS, chat, etc.) designed to steal confidential information (passwords, personal or banking information) by impersonating a trusted third party.

The possible consequences are as follows: hacking into professional e-mail accounts or access to the organization’s information systems, intrusion into the company network, ransomware, fraud involving false transfer orders, etc.

Test your ability to recognize phishing emails here.

Ransomware

These attacks consist of encrypting or preventing access to company data, and generally demanding a ransom to release it.
More and more often, this type of attack is accompanied by data theft and the prior destruction of backups.
These attacks are generally made possible by intrusion into the company network, either through remote access, or by compromising an employee’s equipment.

The consequences include possible business interruption, loss of data, etc.

Data theft

As with ransomware, these attacks are generally made possible by intrusion into the company’s network or hosted systems via remote access, or by compromising an employee’s workstation. The aim is to steal company data in order to blackmail, resell or disseminate it.

The consequences: damage to the business and image of the company or organization.

Other risks exist, but the 3 mentioned above are the most common.

A few recommendations to limit the risks for employers

Define and implement an equipment policy for your teleworkers

Whenever possible, telecommuting should be carried out using resources provided, secured and controlled by the company.

Control your external access

Restrict external or remote access (RDP) to only those people and departments who need it most. Otherwise, filter strictly on your firewall.

Also, isolate systems for which remote access is not necessary in order to protect them, especially if they are sensitive to the company’s business.

Secure your external access

Systematize secure connections to your infrastructures using a “VPN” (Virtual Private Network).

Beyond encrypting your external connections, these devices also reinforce the security of your remote access by limiting it to authenticated equipment only.
Double authentication of VPN connections is also a must, to guard against any form of impersonation.

Strengthen your password management policy

Whether it’s the passwords of telecommuting users, or those in charge of IT support, passwords need to be sufficiently long, complex and unique on each piece of equipment or service used.
The majority of attacks are due to passwords that are too simple or reused.
At the slightest doubt, or even as a precaution, change them and activate dual authentication whenever possible.

Have a strict policy for deploying security updates

Deploy them as soon as they are available, on all the accessible equipment in your information system (mobile workstations, desktops, tablets, smartphones, servers, network or security equipment, etc.). Cybercriminals don’t take long to exploit vulnerabilities once they’ve been made aware of them.

Toughen up your data and activity backups

Backups need to be made and tested regularly to ensure that they are working. They remain one of the only ways for your company to recover its data following an attack.

Don’t forget to back up your external hosting (cloud, corporate website, e-mail service…) to ensure that the service you subscribe to is in line with the risks incurred by your company.

Use professional antivirus solutions

Professional antivirus solutions can protect companies from most known virus attacks, but also sometimes from phishing messages and even ransomware.

Raise awareness and provide responsive support for your teleworking employees

Give teleworkers clear instructions on what they can and cannot do, and make them aware of the security risks of teleworking. Users are often the first line of defence in avoiding or even detecting cyber-attacks.

This must be done in a pedagogical way, to ensure that they adhere to your instructions and that they are effective.

In short, as company directors or IT managers, you need to get involved, and above all: lead by example!

Security is always a constraint that has to be accepted when the stakes are so high that they can be vital for companies.

If you have any doubts or questions about your company’s security during the teleworking season, don’t hesitate to contact our IT security experts.
