With the COVID-19 outbreak sweeping the globe, working from home has become increasingly common. In demanding times, corporate functions deemed non-essential are the first to be reduced, and cybersecurity tends to be lumped into this category. It’s important to remember that good cybersecurity practices are even more critical now than in times of normal operation.
During global emergencies or other high-profile news, attempts by scammers to compromise systems or accounts through phishing attacks trend upwards. People in a technology role may receive phishing attempts that appear to be coming from others within the organization about computer issues. Any attachments will be malicious attacks that attempt to load keyloggers or other pieces of software or even attempt to create a remote session to the system.
Another phishing attack may lure the employee in with an email message stating, “Multiple individuals within the organization have tested positive for COVID-19. Please click the following link to follow a live update of all employees who have tested positive.” For some, temptation or even fear will prevent them from recognizing the obvious flaws in the email, and they will immediately click on the link. When the employee accesses the malicious web page, the attack will have compromised the system and given the attacker access to any data on their system.
There could also be an increase in active cyberattacks happening around the world during these times. With everyone’s time, effort, and thoughts on items that are deemed more critical to them than cybersecurity, attackers could potentially have much more time and freedom within an organization before they are detected and stopped.
In times of crisis, we may adjust our focus, but we need to make sure we are diligent and mindful of the cybersecurity issues surrounding us. Don’t let distractions lead to vulnerability for your organization.
This article was originally published on Automation World blog
Brandon Bohle, Manufacturing IT Analyst III