How is it going? A new, less deadly, but more contagious Covid-19 variant, Omicron is around. Meanwhile, I flew for the first time since Covid-19; traveled almost half the globe to see my grandparents and family. With peak winters, but a little longer days, I am hopeful that the year 2022 would be happier and healthier. Recently, I participated in an online cybersecurity course. I understood the various cyber issues and how cybersecurity has grown in importance with rising accessibility and usage of the internet. The pandemic has changed the world in many ways. A good example of how businesses and institutions have shifted to majorly online networks. However, this raises the concern of cybersecurity as online systems have the risk of being completely sabotaged.
Cyber attackers have taken advantage of increased work at home. They are capitalizing on devices with lower ‘cyber-safety’ stepping up their criminal activities. About half of them are phishing attacks, the others include exploitation of vulnerability and strong interests in the Covid-19 situation. The pandemic led to changes in the workplace and workstyles, which led to further cybersecurity issues.
Cybersecurity Changes and Challenges in recent times
Some of the most common changes and related challenges since the pandemic:
Using home equipment for professional work
According to a survey, 80% of employees used their personal computers, even after about 51% of the employees were provided with the required equipment. Home equipment was also used for entertainment such as games and watching movies. This decreases not just productivity, but also encourages cybercriminals to target websites and entertainment software,
Bringing in collaboration tools and websites
Remote working means that workers can edit documents and use the software on company-owned devices. Therefore, the pandemic brought with it an increase in the demand for collaboration and communication software.
Cybercriminals also tried to take advantage of the increase in use of such softwares. One such vulnerability was found in Microsoft Teams, one of the most used videoconferencing and collaboration apps. The vulnerability allowed a hacker to gain access to all accounts in an organization.
Several employees also use personal accounts while using services such as Microsoft Word for collaboration and this poses a risk as personal accounts lack centralized rights management to protect private data.
Adapting alternative technologies
Many employees do not have access to specialized software at home. They may use alternative software that they are not accustomed to. Everyone does not have the same ability to adapt, and it is necessary for companies to check if all employees are able to use software and contribute to the workplace. This also impacts the productivity of the firms. Alternative software may also not have all features and factors required by employees and many may be unable to do their job.
Increasing Phishing attacks
The sudden rise in COVID-19 infection rates caused mass panic in its initial stages and made people vulnerable to believing almost any information, especially since it was a new virus no one knew about. Hackers and cyber bullies took advantage of this vulnerability and sent emails and messages to people of having a ‘cure’ or a solution, or emotionally blackmailing people to help them. They tempted people into clicking links easily and phishing attacks increased majorly in the forms of SMS phishing, email phishing, etc.
What can we do for better cybersecurity?
Cybersecurity professionals are busy mitigating risks following the increase in cybercrimes. This includes making firms aware of attacks in a remote workplace and training workers to identify and avoid such attacks. There are also direct solutions that can secure home networks to make them safe for work. These include Firewalls, Intrusion Detection Systems(IDSs), and Intrusion prevention systems (IPS).
Firewalls- A firewall is a network protection tool monitoring all network traffic. It blocks suspicious packets of data or denies all packets except those considered appropriate for the set parameters. Firewalls are one of the most basic cybersecurity measures included with antiviruses. We use anti-virus on all our family devices including phones, PCs. The number of warning and safety messages that we receive has increased since the pandemic,
Intrusion Detection Systems- IDSs monitor network traffic and analyze patterns to determine any intrusions in the system. The network traffic is compared to previously discovered and defined vulnerabilities that are all stored in a database. IDS also checks other parameters, such as possible intrusions regarding protection policies, ransomware, and port scanning.
Intrusion Prevention System- This is a shield between the outer network environment and the internal network. It also works in a similar way, prohibiting network traffic listed in vulnerability profiles.
VPN – Virtual Private Network makes internet surfing secure by creating a private network from public connections. A public network hides the IP address and actions become untraceable. Therefore, VPN provides a secure and encrypted connection. VPN also creates the connection in a virtual location, and you can virtually be anywhere in the world. I often use a VPN to watch shows that are not available in Germany.
Do we have a respite in near future?
It’s been around 2 years that we have become so dependent on home appliances and cybersecurity. Just like wearing a mask every day to school and taking a quick antigen test before entering my classroom has become a new normal, the worry about internet speed, updated apps on our PCs, juggling for a better private spot has become everyday routine at my home. This set-up looks like a permanent one, at least going to stay a bit longer. With a drastic increase in backhauls, VPN, etc., will we be able to ensure the security of our systems? Besides prioritizing the above-mentioned solutions, what else can we do? One such respite that I recently read about could be ‘zero-trust architecture’ that removes special privileges that users had once they got access rights (tradition setup). This structure requires authenticating every user and hence ensures continuous verification of the user.
I would like to know your thoughts as well. Do let me know in the Comments section.
0 Comments