Covid 19 and the increased threat of Cyber Attack
We will all the have recently seen the effects that the recent cyber-attack on the Dept of Health and the HSE has had on our everyday lives whilst we are trying to control the spread of the virus by our vaccination programme, this highlights that all business whether large or small are susceptible to cyber-attack and can leave even the largest of business or government agencies paralysed. We are all aware of the risks posed by cyber-attacks but strangely the coronavirus pandemic has created new challenges for businesses as they adapt to an operating model in which working from home has become the ‘new normal’ and we have no idea how long this new normal will last or if it is here to stay. Companies are accelerating their digital transformation, and cybersecurity is now a major concern. The reputational, operational, legal and compliance implications could be considerable if cybersecurity risks are neglected. It has been shown that during the pandemic where worldwide restrictions imposed by governments have encouraged people to work from home, there has been a marked increase in cyber attacks – the problem being that many organisations are still not providing a ‘cyber-secure’ working environment. Initially some businesses may be reluctant to invest the capital required in their remote security, however a lack of investment may cost more in the long run. Listed below are items that organisations should consider for all their remote employees to mitigate any exposure to cyber-attacks: -
- Renew business continuity and crisis plans (BCP’S). In this new Covid World which none of us anticipated, we need to review and update our BCP’s to ensure that they consider cyberattack and the new working from home environment.
- SPAM awareness. Employees should be vigilant when receiving emails and should check the authenticity of the sender’s address. This is possibly one of the easiest ways to get caught out on. Because of the ever-evolving nature of SPAM, even the best firewall can capture all the SPAM.
- Malware protection. Employees should be provided with a license to antivirus and malware software for use on their personal computers if they are being used for work. It would also be necessary to have all the laptops etc encrypted.
- Home network security. Employees should ensure that their home Wi-Fi is protected by a strong password.
- Use a VPN. Virtual private networks add a further layer of protection to internet use from home. They alone cannot on their own be relied upon to prevent cyberattacks, but they can be a useful barrier against cyberattack.
- Identify weak spots. All IT systems have weaknesses. Companies and government departments should run tests to identify them and remedy the most critical vulnerabilities as soon as possible. This can take the form of a ‘Pen Test’ (penetration testing) to search for vulnerabilities in the IT system.