The surge in remote work increased cybersecurity risks adding to the COVID-19 pandemic. Several industry experts stated that organizations in financial, health care, federal, and state agencies that deal with sensitive data will have a huge impact due to remote working conditions.
Based on a research from Kaspersky, businesses in South Africa suffered several network attacks between March 15 to March 21, 2020. It revealed that cybercriminals attacked up to 310,000 devices in one week. With millions of people in the country accessing corporate networks remotely, hackers have increased attacks on IT networks, MyBroadband reported.
The research also highlighted that hackers targeted corporate network systems to gain control over them and compromise sensitive information. Most of the hacking attempts in South Africa involved brute force attacks, which are intended to steal passwords and other credentials.
Commenting about the current scenario in South Africa, Maher Yamout, Senior Security Researcher for the Global Research and Analysis Team at Kaspersky, said, “The region is seeing an increase in attempts to break into the organizations’ systems to establish control over them, sabotage their work, or access sensitive information,”
“Remote working provides cybercriminals a prime opportunity to target devices, especially those that don’t necessarily have adequate IT security measures in place. Such a spike recorded, although temporary, leads us to believe that cybercriminals have keenly been focused on the region given the current circumstances,” Yamout added.
Kaspersky also recommended a few tips to employees working remotely during the lockdown. These include:
- Make use of a VPN to connect securely to the corporate network
- Use multi-factor authentication wherever possible
- Ensure all corporate devices – including mobiles, laptops, and tablets are protected with adequate security software
- Segregate your personal devices/life from corporate computers
- Ensure the latest available updates are installed regularly
- Only use corporate-approved teleconferencing software
- Practice basic cybersecurity rules