Dr Duncan Hodges, Senior Lecturer in Cyberspace Operations, comments on the increased risk of cyber attacks:

An innocent consumer 'substitution' could create serious consequences for other supply chains that are critical to society and life.

Increased phishing related to coronavirus

鈥淲e鈥檙e definitely seeing an uptick in phishing related to the coronavirus, for example malware masquerading as fake antivirus, and VPN solutions all aimed at capitalising on the change to remote working. We鈥檝e also seen phishing campaigns in Japan which purported to come from the state welfare offices but downloaded a trojan designed to steal money from bank accounts. WHO have also warned of phishing attacks pretending to be a charitable relief fund. We can also expect to see fraudulent activity surrounding either the selling of hard-to-find items or fake antiviral equipment.

Home working risks

鈥淲e can expect to see an increase in attacks targeting remote desktop solutions and video conferencing software. This is particularly likely to be a problem where products have laid dormant without being updated or only used within a corporate network for a period of time and are now being made available outside the traditional corporate network 鈥 the recent BlueKeep attack vector is one we鈥檙e likely to see increasingly over the next week or so.

鈥淭raditionally a home network has been considered a less secure part of a corporate network, as well as your corporate laptop on the network there will also be your family鈥檚 personal computers, tablets and phones as well as a host of smart home devices. Your network will only be as secure as the most vulnerable of these devices.

鈥淲e can also expect more of the corporate data to be moved to cloud hosting solutions to allow for remote working 鈥 whilst some of this will be within corporate solutions it would be na茂ve to think that there won鈥檛 be an increase in data being moved to shadow IT infrastructure. This is where data is moved to other personal solutions outside a corporate network because an employee 鈥榥eeds to get a job done鈥 and the corporate solutions don鈥檛 work 鈥 for example using personal email accounts or accounts on Dropbox, for example. This move of data to external cloud providers could increase the risk of a data breach.

鈥淭here is also the risk of increased working on unsecured wireless networks such as at coffee shops, whenever using these public infrastructure it鈥檚 worth considering using a virtual private network (VPN). These create an encrypted tunnel over an insecure network, your network traffic then flows down this tunnel and protects your data from others. Your employer may provide a VPN solution for you to use - alternatively there are a number of free products such as Proton VPN which offer a good service.

Improve cyber hygiene

鈥淪ecurity isn鈥檛 really a 鈥榩roduct鈥 that can be bought but certainly running an antivirus and firewall application represent what we would call good cyber hygiene. There are really great free home versions from most vendors that offer pretty good protection against a whole host of threats.

"The best approaches to increasing your security are what we would typically call 鈥榗yber hygiene鈥 this involves doing a number of really simple things which will aggregate together to make you more secure. Look at using a firewall on your machines, these attempt to create a buffer between your computer and the network. Make sure your operating system and the applications (such as Microsoft Office / Word, your PDF readers and your web browsers) are up-to-date and make sure you鈥檙e running an anti-virus product which is up-to-date. Doing these relatively simple things will make a big difference to what we call your 鈥榮ecurity posture鈥.

Cyber considerations for businesses

If you鈥檙e a business consider the National Cyber Security Centre鈥檚 Cyber Essentials programme, this outlines a number of simple steps to improve your cybersecurity 鈥 you don鈥檛 need to go through the certification process but there is some really easy to follow advice.

Coronavirus is accelerating new flexible working

As we move to Work 4.0 where one change is the move to more flexible working conditions it is likely that businesses will need to adopt to these changing responsibilities (and indeed the changing responsibility of staff to their employers). What we鈥檙e seeing in COVID-19 is an acceleration of that requirement. Lots of businesses will now have to manage home working on a larger scale than they have done in the past, but the lessons we learn over the next weeks and months will hopefully help us critically look at how businesses, and we as security professionals, are going to support a wide variety of staff who are working from home for extended periods of time.鈥

About SWAG合集

SWAG合集 is a specialist postgraduate university that is a global leader for education and transformational research in technology and management.