Cybercriminals lurk in the shadows, armed with the utensils and know-how to cause irreparable damage to individuals and businesses at the click of a button. The COVID-19 pandemic has proffered endless opportunities for cybercriminals to manipulate. Being vigilant is simply not enough. Proactive steps need to be taken now before it is too late.
In a matter of a few months, COVID-19 has radically altered the way the world operates. Governments across the globe have implemented and enforced strict social distancing measures in order to curtail the spread of the virus, forcing a meteoric rise in remote working across the world.
This change in work pattern presents real risks to many businesses, particularly SMEs. Employees, when in the office, are often protected by the security perimeters that their company provides. The same cannot be said when working remotely from home. Many home devices use a shared network, giving way to several unprotected endpoints and leaving the door wide open to a security breach. Home Wi-Fi networks are notoriously insecure and often use factory-standard or simple passwords which are vulnerable to attack. Further, game consoles and smart appliances offer a low-security gateway to fraudulent activity.
Since the shift from the office to working from home, businesses may find that their cyber security protocols are no longer satisfactory as they attempt to combat the deluge of remote connections and cope with several dispersed endpoints. Cybercriminals, will no doubt be well tuned to these vulnerabilities which they will be seeking to exploit during this challenging time.
Each employee who works from home presents a new gateway into their company’s network. Phishing attacks commonly target employees and rely on naivety for success. Last year, over half of cyber attacks in the UK involved phishing, and over 80 per cent of businesses were targeted. According to Action Fraud, March 2020 saw a staggering 400% global increase in cyber attacks. Heightened awareness, along with a revised implementation of cyber security, has never been more vital. The threat cannot be overstated.
For SMEs, establishing exactly what new cyber security measures need to be put in place can be difficult. The National Cyber Security Centre (NCSC) has recently offered some guidance in this area (“COVID-19: Moving your business from the physical to the digital”). In summary the NCSC’s guidance deals with the following issues and raises a set of questions which businesses and / or their respective IT service providers should be considering about the security of the systems which are being relied upon.
Dealing with new ways of working
Assessing cyber security measures
A recent Make UK study revealed that almost 50% of the respondents surveyed lacked a means to track the ongoing performance of their cyber security infrastructure.
The NCSC recommends that a baseline is established by businesses in order to address the current security in place and point towards areas which may need further attention. The following questions can assist establish that baseline.
The rapid, unprecedented move to home working has raised issues around digital security. Cybercriminals are aggressively exploiting the current uncertainty and any loopholes in cyber security protocols. During this time of amplified risk, businesses of all sizes ought to take steps to ensure they have a robust, comprehensive cyber security systems in place. By doing this, a business can safeguard against one of the greatest threats during the lockdown period.
The Dispute Resolution team here at Knights have expert defamation lawyers advising international, national and regional clients in the areas of defamation, privacy, data management and reputation management for both contentious and non-contentious matters with a proven track record of bringing such matters to a successful conclusion.
If you would like further information, or would like to discuss your particular circumstances and how Knights could help you and / or your business, please contact Asim Din from the Dispute Resolution team.
This article is for information purposes only and should not be relied upon in place of legal advice.