COVID-19 & Cyber Security

While the world’s focus is on COVID-19 and the health and economic impacts it is causing, behind the scenes hackers are taking advantage of the situation to hit businesses with targeted cyber-attacks.

So, what makes this situation so enticing for a hacker? Well as more and more countries go into lockdown, we are seeing millions of staff working from home and this exposes a company’s IT to a new realm of cyber vulnerabilities significantly.

A personal computer or home wi-fi network does not have security systems in place like an enterprise would (intrusion detection systems, advanced firewalls and filters, security incident and event monitoring), leaving them incredibly vulnerable. If a hacker has access to a staff member’s personal computer or network, they will more than likely gain access to their business login credentials, and / or sensitive information of the company or its customers. Thus, there is an increasing likelihood of much wider exposure and breach of the company’s IT systems and assets. Unless you are experienced in cyber security, there will be minimal way to tell if your phone, portable device or computer has been compromised. An IT department may have limited visibility of the usual monitoring capability compared to normal.

Another reason that businesses are being targeted is simply that IT staff working from home cannot respond as quickly to a breach, giving the hackers very valuable time to either cover their tracks and hide their access to their system or ‘smash and grab’ and take any confidential information they find.


Your first steps to security

So, what can staff do to minimise the risk of a breach during this time?

  • Use a work laptop not a personal computer
  • Use secure wi-fi networks (WPA2 instead of WEP in wi-fi networks) – no public networks
  • Report lost or stolen devices immediately
  • Keep antivirus programs and operating system up to date
  • Use a VPN to encrypt your internet traffic (NordVPN, ExpressVPN etc.)
  • Be extra vigilant about phishing emails
  • A mobile hotspot is much safer to use than a home network
  • Always turn off Bluetooth in public, especially on trains
  • Do not transfer unencrypted confidential or sensitive information / documents from work emails to personal emails and vice-versa.
  • Practice strong password techniques (combination of alpha-numeric and special charters and / or passphrase or longer passwords)
  • Where possible, activate multi-factor authentication in personal devices or apps.


What can employers do to minimise the risk of a breach?

  • Educate, educate, educate staff!
  • Setup remote access
  • Confidential information is still confidential – personal email accounts should not be used for company business and keep track of what you’re printing at home.
  • Keep an offline copy of staff contact information in the case of a breach and systems are shutdown
  • Implement device management systems, there are many on offer, we can help you select which fits your needs


Terra Firma Covid-19 Cyber Security Support

Yes, we are experts in cyber security and our globally accredited consultants can align you to standards, frameworks and methodologies.

Today’s needs – What we also do is understand your current situation. You have made changes to your working processes to support your customers and your staff to enable you to continue to deliver products and services though this time of pandemic crisis.

Businesses are different, your offerings are different, customers are different; a school is not like a hospital, a restaurant chain is not like a construction company. How you have to adapt to the current situation in order to survive physical separation of staff, full lockdown, working from home, online transactions only is unique to your business. We will work with you to make sure you, your staff and your customers are quickly protected.

We can help, please call Katrine Close and our Security Practice on 1300 820 348 to talk through your own situation.

To see how Terra Firma can help support your business through the pandemic in the Business Continuity & Resilience space, please click the tile below

Business Continuity and Resilience