Peter says that the cyber-attacks on his company are relentless.
“We see tens of different hacking attacks every single week. It is never ending.”
A senior computer network manager for a global financial services company, Peter (who did not want to give his surname, or the name of his employer, due to his firm’s anxieties surrounding cyber-security), says they are bombarded from all directions.
“We see everything,” he says. “Staff get emails sent to them pretending to be from the service desk, asking them to reset their log-in passwords.
“We see workers being tricked into downloading viruses from hackers demanding ransoms, and we have even had employees sent WhatsApp messages pretending to be from the CEO, asking for money transfers.
“And having staff working from home during the lockdowns has just made it worse, as it is much harder to keep an eye on everyone.”
Companies did not provide additional security relating to computers, electronic communication, phone communication.”
So what can both companies and home working staff do to make things as safe and secure as possible?
Ted Harrington, a San Diego-based cyber-security specialist, and author of Hackable: How To Do Application Security Right, says firms should have started by giving all home workers a dedicated work laptop. While many larger companies may well have done this, not all smaller firms necessarily have the resources to do so, but Mr Harrington stresses its importance.
“Supply staff with laptops and other equipment that are owned, controlled and configured by the company,” he says. “This alleviates the burden on your people to set things up right, and ensures they follow the security controls the company wants.”
Definitely don’t have staff using their personal computers for work, says Sam Grubb, an Arkansas-based cyber-security consultant, and author of forthcoming book How Cybersecurity Really Works.
“The main problem with using your own computer to do work is that you are not limited in what you can do on it, nor are you necessarily the only one that uses it,” he says.
“So while you might not be visiting a shady website to download movies for free, your teenage son could be doing that exact thing on your home laptop without you even knowing.
“This makes it much easier for malware or other attacks to happen. This might affect the work you are doing, or in a worst-case scenario, lead to the compromise of co-workers’ devices, or other company devices such as servers.”
Mr Harrington says that the next step is that companies must set up a VPN or virtual private network, so that remote computers have secure and encrypted connections with the firm’s servers and everyone else in the company.
Source : BBC