How to protect yourself against cyberattacks while working from home

Working from home means a lot of Zoom sessions, visiting various websites in the name of research and, well, a lot of online activities.

Unfortunately, as more people start to work from home, the number of cyberattacks has also increased. In Singapore, some people are using Covid-19 to phish for personal information or scam people of money.

The Government has also cautioned the public to be careful before clicking on links or believing information disseminated online.

But why do we have to be extra careful at home? Our internet security at home is usually more susceptible to cyber threats as it's not as tightly controlled compared to that in the office.

So how can you guard against common cyberattack methods while working remotely? Teong Eng Guan, Vice President, ASEAN, Palo Alto Networks, shares eight ways you can protect yourself.

When searching online

Remember those 100,000 new domain names? Cybercriminals have been found to leverage online search terms by placing links to malware-distributing or ad-filled websites in web searches and social media results.

As a precaution, enable the website filtering function on your anti-virus software and stick to trusted media publications when searching for the latest Covid-19 updates.

When gaming

If you live with family, there is a likelihood that devices are shared, and if so, the same device being used to access secure company servers could be used for personal activities such as gaming.

Since the implementation of circuit breaker measures, traffic to online gaming sites and applications has also increased significantly, as more people turn to games to pass the time.

Criminals often pepper third party sites with malware-infected apps so make sure to only download games from verified sources such as Google Play and App Store.

When videoconferencing

Video conferencing cyberattacks such as 'Zoombombing', malicious chat links, and unauthorised attendees, can be easily prevented with a few simple steps. These include enabling passwords, reviewing privacy settings, turning on notifications for new participants and disabling the 'join before host' function.

Regardless of which video conferencing tool you choose to use, ensure that you are using the latest version and all the security features that are available to you.

When holding virtual gatherings with family and friends, it's best to use your personal smartphone or laptop. Try to avoid mixing work and play on the same device if possible.

When using Internet of Things

Internet of Things (IoT) devices such as smart home appliances have become more common in our homes, but we often overlook the cybersecurity risks they introduce.

Your smart television or refrigerator could very well be the entry point for cybercriminals to infiltrate your home network, especially since many of these appliances do not adhere to any universal security standards.

Hence, it is imperative that you change the default password settings upon purchasing such devices. It may seem like a bother, but it could prevent incidents like having your smart refrigerator turned off remotely or racking up bills from unauthorised subscriptions to on-demand TV services.

When using Virtual Private Networks

Conversations around security for remote working have largely been focused on business continuity, but little has been said about the risks of connecting to the enterprise network from home.

Can you recall when you last updated the firmware on your home router? If ever? Many of us often overlook the importance of keeping our routers updated, which makes them vulnerable to security risks.

Cultivating the habit to install the latest updates and changing the default passwords on your home router will optimise its performance in addition to the enhanced security benefits.

Phishing

Phishing remains one of the most popular methods for cybercriminals to steal information in Singapore and this remains true even in the face of a pandemic.

Our threat intelligence team has observed a surge in the number of phishing messages baiting people to click on malware links under the pretence of providing Covid-19 updates.

Always access your work email via a corporate firewall and be wary of anything that is being offered for free, whether through email, messaging apps, or social media. Be sure to think before you click as cyber attackers will always be on the prowl.

ALSO READ: Coronavirus pandemic exposing internet users to new cybersecurity risks

Online scams

The demand for face masks and sanitisers are at an all-time high so while it may be tempting to take advantage of flash deals, be cautious of bargains that seem too good to be true. Stick to the golden rule of online shopping and buy only from trusted retailers and platforms.

Scammers are also taking advantage of those seeking to do good during this time of crisis so make sure that your donations, be it funds or supplies, go to registered charities at the Charity Portal.

Cloud

It is vital that cybersecurity measures extend to the cloud as it is a core component of the software we use for our daily work tasks.

Check with your IT staff to ensure that your corporate firewall infrastructure leverages threat intelligence to monitor all traffic coming in and out of the network. This will add another layer of protection for your home devices whenever you access the corporate network remotely.

Scammers. Never. Sleep. Their modus operandi is to search, select, and scam targets all day and a crisis of this scale is an opportunity for them to cause even more damage.

This article was first published in CLEO Singapore.