COVID-19

Infoblox’s Ashraf Sheet talks about cybersecurity in the time of coronavirus

Interview with Ashraf Sheet, Regional Director MEA at Infoblox.

Your best tips for businesses looking to improve cybersecurity across their organisations?

As the world is focusing on the ongoing pandemic and so many people are working from home, safe and secure networks are a critical component to keeping companies running. Infoblox recommends that businesses implement the following guidelines and best practices to ensure the security of their networks and corporate data while employees are working from home.

Develop and communicate clear and consistent policies

It is essential that employees have clearly defined IT policies and protocols in place for working from home. These should include, but are not limited to:

·       Making sure that employees only use approved devices to access and store corporate data, where possible;

·       Mandating the use of strong passwords, at least 12 characters, when accessing corporate networks; and

·       Implementing multi-factor authentication, ideally with hardware tokens instead of text messages, which can be spoofed.

Leverage technological solutions for network security

Companies most likely already have a robust security infrastructure in place to protect their corporate network. Now that the corporate perimeter has vanished, IT managers need to ensure that technologies are ready for employees to use when working from home, including:

•      Ensuring that all corporate security products are patched and updated to the most recent version across users; and

•      Now that users are accessing applications from the cloud, and users are working from home, the traditional corporate security perimeter has vanished. They no longer need the VPN to get work done. They use cloud applications, many of which have not been vetted by IT. It’s important that organisations are providing a fast, easy way to protect users and enforce acceptable use policies.  As more employees work from home, businesses need to ensure that they’re providing a fast, secure and reliable internet experience to their employees to ensure business continuity.

Educate employees about the increased risk of cyberthreats

Above all, employers should make sure that employees are aware of the increased risk of cyberthreats tied to the coronavirus pandemic, and train them on how to avoid them, including:

•      Alerting employees to expect an increase in phishing attempts and other malware, and to not respond to any emails seeking personal, corporate, or financial information;

•      Reminding employees to avoid clicking on links in unsolicited emails and to be wary of email attachments. For example, malicious actors are using fears of coronavirus to distribute the LokiBot malware; and

•      Teaching employees how to make sure their work from home setup is secure, and that WiFi and other devices are properly configured.

Key takeaways that businesses can learn about the importance of network security from the coronavirus pandemic?

The speed at which coronavirus has spread has proven a challenge for everyone, IT professionals included. This situation has highlighted the importance for organisations to invest in networking and security services, especially at the network edge, not just for crisis situations, but for the changing nature of work.

As networks continue to be more decentralised and more employees take advantage of the benefits of working from home, securing networks from malware and other cyber threats will remain a challenge. Emphasising and implementing cybersecurity training and decreasing the amount of vulnerable IoT devices when working from home will help IT managers ensure that corporate networks remain cyber-safe.

Likely attack routes for hackers at this time. What is now more at risk for businesses and individuals?

While the numbers vary across regions, practices will be opening up their enterprise networks to a significant risk of malware and other types of cyber-attacks. The vast majority of incidents are attributable to malicious actors outside of the organisation, yet more and more sensitive data is exposed when insiders fail to properly handle or secure the information. Specific IoT devices are often targeted, such as VoIP phone, and video decoders, as attackers use them to gain access to corporate networks.

This can leave organisations with various vulnerabilities that can be exploited for data exfiltration and the spread of malware. One example is the LokiBot infostealer which joined the list of malware being distributed by threat actors taking advantage of the fear and interest in the spread of COVID-19. From 3 to 6 March, Infoblox observed two malicious spam email campaigns distributing LokiBot under the guise of providing information on coronavirus’ impact on supply chains.

Unfortunately, cybercriminals will always take advantage of any situation that might increase their changes of exploiting vulnerable people and it’s really important that individuals and businesses remain vigilant to avoid becoming the next victim.

 

Leave a Reply