Subscribe
  • Home
  • /
  • Malware
  • /
  • User education key to overcoming cyber crime

User education key to overcoming cyber crime

Criminals always leverage disasters, and the current crisis is no different, except that with so many new remote workers operating in a climate of fear, multitudes are ripe for exploitation.

Johannesburg, 30 Apr 2020
Sam Gelbart, Technical Director, SYNAQ
Sam Gelbart, Technical Director, SYNAQ

Following the announcement that lockdown was coming at the end of March, a mad scramble ensued as businesses sought to ensure that critical staff were at least able to work from home. However, with a huge number of people now undertaking remote work for the first time, it is unsurprising to learn that cyber criminals are seeking to exploit these relatively inexperienced online workers.

It is important to contextualise this, says SYNAQ technical director, Sam Gelbart, adding that under the current circumstances, many of these remote staff may find themselves in a heightened state of anxiety, stress or depression, caused by both the pandemic itself and the ensuing isolation. This can easily change the way they view and respond to possible threats that are received via common communication media such as e-mail, WhatsApp and SMS.

“Cyber criminals are an unscrupulous lot and are using this heightened emotional state of stress and fear to prey on people who may be in need of help financially, or who are concerned about possibly having been in contact with people who are infected with COVID-19. Remember that people in such a state are far less likely to treat any communication promising some form of help, or that is offering a health warning, with the requisite levels of scepticism. This clearly makes them very tempting targets for cyber criminals,” he says.

“The answer to these new challenges is, of course, technology. This will be critical in reducing the risk of security breaches. At minimum, companies need to reduce general risk by setting up a secure VPN so that all remote staff can connect to the office network and securely access internal applications and services via a Transport Layer Security (TLS) encrypted tunnel.”

He explains that this reduces a company's exposure of its critical services to the Internet and eliminates the passing of unencrypted user credentials over the public Internet and via WiFi access points. If a business uses vendors that support two-factor authentication (2FA), such applications absolutely must have it enabled, he continues, while users should be trained on how to install and use the approved authenticator app on their smartphones.

“Anti-virus (AV) may be old technology, but remains critical, and absolutely must be kept up to date in these times. Businesses should also invest in centralised AV management to ensure all user end-points – such as laptops – are running the latest AV versions and also to be able to enforce policies from a central administrator.

“While any user should, by default, be sceptical, it can be difficult to remain so when presented with a communication, especially e-mail, that appears to come from an official institution or brand.”

Gelbart suggests that remote workers apply some basic rules of thumb in order to improve their own security in this respect. Firstly, if the e-mail elicits a highly emotional response such as fear or excitement, they should be wary. Thus, a mail promising financial relief from government in relation to the lockdown may be exciting, but if it then asks you to confirm your banking details, username or password, your suspicion should be aroused, he continues.

“These criminals also prey on fear, so the message may say that you are part of a COVID-19 tracing operation and that an infected person has listed you as being a person they were in contact with. Such an approach may be used to get you to download a form to complete that inserts malware into your computer, for example.

“Therefore, if links are clickable in e-mails, hover your mouse over the link to see if the destination goes to an unrecognisable domain – then tread with caution. In addition, obvious grammatical or spelling errors are a clear indicator something is up, while you should always ask yourself if you even qualify for or are really expecting a mail like this.”

Finally, he adds, if users are really not sure, they should be encouraged to reach out to the company’s IT or security professionals, and simply ask them if the message or e-mail is legitimate in their eyes.

While it is obviously difficult to overcome people's natural fears and curiosity – particularly in this climate of a world-altering crisis – the only tangible solution, states Gelbart, is to educate, expose, discuss and learn. This is the best way to empower employees to become professional sceptics and to always treat e-mails with suspicion.

“While there is no doubt that this pandemic is going to significantly and permanently change a lot of industries, I do not think that the security industry’s approach to tackling cyber criminals will alter dramatically. After all, this pandemic is just another opportunity for cyber criminals to exploit the vulnerable, so once it recedes, the bad guys will simply use whatever new socioeconomic conditions or events arise to continue to exploit the ignorant and vulnerable.

“The long-term answer thus remains the same as it has always been – user education and training must be invested in by companies in a significant manner, since whatever security measures are put in place, humans always remain the weakest link in the security chain. Therefore, it is imperative that user education and training in how to identify threats is placed top of mind if we are to have any hope of securing the future in a post-COVID-19 world,” he concludes.

Share