Hyderabad: Hackers are starting to target remote workers with scams, taking advantage of the Covid-19 outbreak. At the same time, many remote workers don’t know how to securely access enterprise tools and applications. And while criminals are moving quickly, it takes most organisations an average of up to 66 days to discover a security breach.
The increased security risk of remote work (work from home) reinforces the need to have a plan in place if something goes wrong.
Prashant Gupta, Head of Solutions South East Asia & India, Verizon, and Hyderabad Security Cluster (HSC) founding father, told Telangana Today, “Many phishing attacks are happening. Hackers have created fake sites and are approaching people asking for personal information stating that the government is collecting such information. There is a growing risk arising from propaganda that people are trying to create around Covid-19 globally. As people are encouraged to maintain social distancing, offline activity is becoming lesser, giving rise to online activity and transactions, increasing risk.”
Explaining the challenges arising from remote working, Gupta said, many of the internal systems might not be patched, which is going to be the basic concern. The systems which were inside the network now are exposed to internet. Some organisations have even allowed employees to take their desktops and laptops to work from their home. Organised criminals are setting their eyes on individuals rather than organisations, as the former are more vulnerable.
Cyber readiness test
Subhajit Deb, chief information security officer, Dr Reddy’s Laboratories and HSC founder member said, “Corporates are in a difficult situation. Not many organisations had their business continuity plans when the Covid-19 outbreak took place. It is a real-time litmus test to enterprises on their readiness and disaster handling mechanisms. People are forced to work from home with infrastructure that is primarily non-enterprise platform. Whatsapp is being used for office communication and third party virtual private network (VPN) is being used by many companies to do regular work. Most of the laptops and devices do not have encryption (encoding information in such a way that only authorised individuals can access it).”
Owing to the social engineering and emotional connect, people are clicking links or opening attachments sent through email asking to check out the new ‘work from home guideline’ or see how Reserve Bank of India is planning to tackle financial stress. Malicious apps are being published in the app stores for Covid-19 tracking. Once individuals download the app and give the permissions, smartphones are compromised. As the guards are low, vulnerability is very high, noted Deb.
Now you can get handpicked stories from Telangana Today on Telegram everyday. Click the link to subscribe.
Click to follow Telangana Today Facebook page and Twitter .