20 Mar 2020 How to Protect Yourself from COVID-19 Cyber Risks
The recent COVID-19 outbreak is something we never expected and we are all trying to get used to a new way of life to avoid the spread and keep each other safe.
For many of us, this has been a time to come together (even while socially isolated). People are uniting around a cause and looking for ways to express kindness and help their neighbors.
Unfortunately, other people are using this time when the public is especially vulnerable and distracted to stage harmful cyber attacks.
On top of that, the increase in remote workers is opening up new vulnerabilities to businesses whose computer systems may not be as protected as usual.
At Berry Insurance, we know this is a hard time for everyone. We have altered how we do our business, and are all currently working remotely. We all have a lot on our minds and the last thing we want is a cyber attack that destroys files and work and causes financial hardship.
That’s why we want to educate you about all the additional cyber risks going on right now (there are many), and what you can do to best protect yourself and your business.
Cyber scams/fake emails
Currently, many people are socially distancing, which means that rather than spending time out in the public or with family and friends, they are at home, spending hours online and looking for any new information about the coronavirus outbreak. Almost every company is sending out an update on how they are handling the pandemic, and people are reading them, thirsty for any COVID-19-related information.
Unfortunately, cyber attackers know this and are sending out a variety of fake emails, texts, and social media posts that are actually cyber scams, hoping that people will click into it.
Some of these emails can be hard to differentiate from all the other similar emails you are getting from a variety of companies. If opened, they can be easy to fall for, and you might find yourself unknowingly installing malware on your computer system.
Some of the cyber attacks going around come in the form of:
- Emails with suspicious links claiming info on COVID-19
- Emails with suspicious links claiming to have info on current charities and ways to give back
- Online offers/fake emails offering vaccinations
- Emails asking for your information so the government can send you a relief check
Working remote risks:
At this point, most of us who have remote capabilities are working from home.
This situation is something nobody saw coming, so many businesses are trying to navigate a new work-from-home structure.
One of the things to consider when transitioning to a remote structure is how it may be opening your business up to cyber vulnerabilities.
Those who do not have work laptops to bring home are working on home computers, which may not have the same protections as their work computers.
Even if employees do have a work laptop to bring home, they are likely working on their personal Wi-Fi or public Wi-Fi, which can be more easily hacked.
Preventing a cyber attack:
With these cyber attacks on the rise, it is important to know what to look out for and how to protect yourself from an attack or breach.
Don’t click on any links from sources you don’t know. Clicking these links could be authorizing cyber attackers to download viruses onto your computer.
Look closely at any emails about coronavirus. Pay attention to email addresses or website URLs to see if there are any discrepancies between them and the sources they are claiming to come from.
Disregard any offers for coronavirus vaccines or cures, or any requests for information from agencies claiming to want to send you government funding. If these offers were legitimate, they would not be coming through online sources.
If someone is asking for donations online, make sure it is a legitimate source. Avoid sending donations electronically.
When working from home, use a company-issued Virtual Private Network when doing anything work-related.
If using public Wi-Fi: make sure it is a safe network. When a mobile device, (i.e. laptop, cellphone, tablet, etc.) connects to a Wi-Fi network, it has selected it by the SSID (Service Set Identifier). When that process takes place, it is noted if the network is secured or not. If the network is “open” and “not secured,” do NOT use it for any private information, which includes any business correspondence or transactions. Even if you connect your company laptop to an open network and feel it is safe because you are just opening Facebook and not your company’s files, it doesn’t matter. Everything that the laptop has touched is now vulnerable to an attack.
If using home Wi-Fi: make sure the network is password-protected (and not just the default password … or “password” … or “1234”). Home networks are often set up by the ISP (Internet Service Provider) at the time of installation (i.e. Cox, Charter, Verizon, etc.) and never touched again. There are two steps that should be taken to make sure that one’s home Wi-Fi is secure.
- Verify that the SSID has security enabled. If it does not, you should enable your security as soon as possible (current recommendation is WPA2-PSK (AES)).
- Make sure the SSID login password has been changed from what the ISP setup when the installation was complete and is a strong/custom password.
Install antivirus software:
If you do accidentally click into something malicious, one way to potentially block a cyber attack is with an antivirus software.
Make sure any devices you are using have an active and updated antivirus software installed.
Get cyber insurance:
As another way to protect yourself from cyber attacks or data breaches during this tumultuous time, consider obtaining a cyber insurance policy.
Cyber insurance covers costs associated with a cyber attack or data breach.
This includes malicious actions such as hacking, viruses, phishing, denial of service (DoS) ransomware, malware and more; but also data losses from incidents such as computer glitches, power surges, and accidental deletions.
The insurance covers costs and legal fees incurred from business losses, investigations, lawsuits, and extortion.
Although cyber insurance can give you added protection, when purchasing cyber insurance, it is important to understand your cyber insurance policy will not pay out if you don’t do your part to protect your company from cyber attacks as well.
If you make a claim and the insurance carrier determines you were negligent in making efforts to protect your computer systems, it may not cover the damages.
Check with your cyber insurance carrier to learn their requirements and if employees working from home on personal computers and Wi-Fi networks are eligible for coverage.
As this crisis progresses, hackers will likely alter their techniques and establish new cyber attack strategies. Stay informed by visiting www.StaySafeOnline.org for up-to-date information and resources.
Keep your body AND computer healthy:
We’re happy that you’re being socially responsible and spending time at home to keep healthy and stop the spread of coronavirus.
While you’re spending extra time online learning about what you should be doing during this outbreak, make sure you prioritize the health of your computer as well. Be vigilant, do your research, and don’t click on anything that seems suspicious.
>For other COVID-19 related information, check out our COVID-19 FAQ blog, which addresses all the questions we’ve been getting about how the coronavirus outbreak is affecting businesses and individuals.