How to protect remote workers against today’s threats

The current global situation has necessitated the immediate shift to remote work. It’s estimated that 42% of the workforce now works at home, which represents a massive shift from…

Security Center of Excellence profile picture
Security Center of Excellence

October 12, 20204 minute read

The current global situation has necessitated the immediate shift to remote workIt’s estimated that 42% of the workforce now works at home, which represents a massive shift from a pre-COVD-19 workforce. As a result, companies are scrambling to ensure their cybersecurity posture can cover the influx of remote workers. To make matters worse, malicious actors are taking full advantage of the chaos and lack of information. How are IT teams expected to address the current issues of their new remote infrastructure and stay on top of the latest cybersecurity challenges?  

Different faces, same old tricks 

While everyone is busy adapting to a new workforce, malicious actors are doing the same. Cybercriminals are taking full advantage of people’s need to stay up to date with information about COVID-19. They’re using the same old tricks, like phishing, malicious websites designed to gather PII, and fake mobile applications, but adding a new COVID-19 theme to them in order to catch unsuspecting victims.  

Phishing EmailsHackers have created numerous email campaigns centered around important information updates on COVID-19. Emails are disguised with tips, advisory updates, or business continuity plans and often include a file or links with malicious downloads.  

Malicious Domains: From January to March alone, more than 100,000 new COVID-19 web domains were created. Of these, 2,022 were identified as malicious and 40,261 were identified as high risk. These websites have collected PII through fake web-shops, credit card skimmers, fake eBooks, and more. These websites can offer pandemic-related items in order to steal credit card information. 

Fake Mobile AppsRepresenting a potential goldmine of personal information, mobile phones are just as vulnerable to cyber-attacksSeveral apps have been released in the last few months to help provide on-demand information to the latest facts and figures behind the disease. What users don’t realize is that the app is a vehicle for a spy kit that can remotely access microphones, cameras, and user data.  

Staying vigilant: How to combat these threats 

While there are several new challenges that organizations are facing, there are some simple steps to stay ahead of hackers and ensure that user data stays in the right hands. 

Update Your cybersecurity policy 

  • Review your cybersecurity policy to understand how it covers off remote users. Make necessary changes as your organization has shifted.  
  • Consider the increased use of personal devices and how that impacts data privacy. 
  • Have a plan for unlicensed applications and shadow IT. With more people working from home with less oversight, there is bound to be an increase in unauthorized downloads.  

Educate the workforce 

  • Ensure your workers are aware of the common ways malicious agents attempt to gain access. Security is only ever as strong as the weakest link, so ensure users are no easy target. They need to be able to spot suspicious activity on the web, in emails, and understand how social engineering can occur.  
  • Best practices for maintaining security while they work from home is ideal. 2 Factor Authentication, the importance of VPN connection 

Have an Incident Response (IR) plan in place and ready to be executed remotely 

  • Physical collection now poses new challenges; ensure your team can collect, analyze, and remediate remotely over the network.  
  • IR teams are now more decentralized than ever; ensure there is a plan in place on how teams can coordinate and communicate o ensure effective action is taken against threats 

Keeping up with the best practices and ensuring users are trained to protect themselves against the latest cyber threats are a great start but preparing an organization to handle cyber incidents is even more critical in these abnormal times. 

These are just a few suggested steps and strategies to help protect the new remote workforce. While following these tips are necessary to maintain good cybersecurity hygiene, it is important to note that the threat landscape is constantly evolving. The key to keeping pace with the bad guys is maintaining vigilance and being ready to evolve and adapt when necessary.  

See how OpenText can help. 

Authored by Denis O’Connor, Sr. Account Executive, OpenText and Matt Dunbar, Sr. Account Executive, OpenText 

Share this post

Share this post to x. Share to linkedin. Mail to
Security Center of Excellence avatar image

Security Center of Excellence

See all posts

More from the author

Threat alerts

Threat alerts

December 2021 December 14, 2021: Log4j Summary: Top US cybersecurity officials have warned of the zero-day vulnerability found in the Java logging library Apache Log4j….

1 minute read

Lessons from the SolarWinds attack: How to protect your business

Lessons from the SolarWinds attack: How to protect your business

By the time it was discovered in December, the SolarWinds cyber attack had evaded the security defenses of and penetrated at least 18,000 government agencies,…

5 minute read

The HAFNIUM Attack on the on-premises Microsoft Exchange Server

The HAFNIUM Attack on the on-premises Microsoft Exchange Server

On March 2, Microsoft announced that its on-premises Exchange Server had experienced multiple 0-day exploits. Microsoft commented: “In the attacks observed, the threat actor used…

3 minute read

Stay in the loop!

Get our most popular content delivered monthly to your inbox.