Across the United States, millions of people have been told to work from home—whether or not they or their companies were prepared for them to do so. And while remote work may seem like a godsend amid a wave of layoffs due to the coronavirus, cybercriminals are also spotting an opportunity.
“The hackers are out in force, and they know that everybody’s going home, so I think working from home without the appropriate security is a risk,” says Beth McCarty, owner of TeamLogic IT/Central Pinellas in Clearwater, FL, which provides IT support for small to medium companies.
When news about COVID-19 started ramping up in January, the cybersecurity firm Check Point Software Technologies did a global threat index warning of another virus of sorts: coronavirus-themed malware and malicious software.
Its research showed that more than 4,000 coronavirus-related domains had been registered around the world. Of those, 3% were malicious, and an additional 5% were suspicious, which makes coronavirus-related websites 50% more likely to be malicious than other domains.
Phishing emails and other existing scams are adapting to the current atmosphere of fear about the pandemic, preying on our desire for information and solutions.
Hackers are also sending out emails pretending to be charities and requesting money or other personal information.
“They’re going to use whatever they think is going to get your attention; that’s what hackers do,” McCarty says, citing an email that had circulated with a malicious download, which purported to be an app by Johns Hopkins University tracking the virus.
Clicking on a dubious link or downloading a questionable file can cause problems both at home and for your company.
Not all of the breaches are related to monetary gain or identity theft. Some trolls are hijacking video conferences to display pornography or other disturbing videos.
“Every newsletter I’m getting from around the tech world is talking about the coronavirus hacks, and there are apparently, many, many of them,” McCarty says.
Companies have probably secured their in-house internet networks, but suddenly, they are relying on the strength and security of their employees’ home networks. The first thing McCarty recommends doing is ensuring that your home network is secure.
“Make sure you change that default password on your router. Many people have not,” she says. Having a network that is not secure can allow people to see what you do on the network and even take control of it. She also recommends enabling encryption on the router and updating any firmware.
A virtual private network (VPN) is also something many companies are setting up and requiring before accessing company information.
McCarty also recommends:
- Password-protecting any device.
- Making sure any software, and your operating system, are up to date.
- Using anti-virus and anti-malware programs.
- Enabling two-factor authentication to access many sites and programs.
- Not storing any company information on your personal device. Use approved company storage.
- Not clicking on any suspicious links or opening anything without checking the source.
Another cybersecurity risk comes from sharing devices, since the family computer has suddenly become a workstation, a classroom portal, and an entertainment center.
“It’s the absolute opposite of social distancing, when it comes to our computing devices,” said James Stanger, chief technology evangelist of CompTIA, a worldwide tech association. “You have this communal device, now that many people are accessing and multiple people are using that same device for multiple reasons.”
That creates a security risk. One person might be using a VPN to tunnel into a work network and taking great care not to click on suspicious links. Another, though, might not be as cautious, and some might be members of your household.
“When it comes to schoolwork, [kids] are always having to install new things,” Stanger explains. “The e-learning [portal] will say, just install the latest version or upgrade this application, or whatever. And that’s where there is plenty of opportunity for bad guys to install things, hoping that it’s a communal computer.”
These issues reflect the fact that we are all out of our comfort zone right now and are looking for information and answers.
The root cause, Stanger says, is that as people engage in new behavior, they are less sure of themselves and hence more vulnerable to determined hackers.
The post The Rush To Work From Home Creates Opportunity—for Cybercriminals appeared first on Real Estate News & Insights | realtor.com®.