COVID 19 – New behaviours and new risks

What Vladimir Lenin, a Great Russian revolutionary, said, “There are decades where nothing happens, and there are weeks where decades happen”, pretty much sums up the state that we are in these days.

The past 8 weeks starting from early March to end April has turned the whole world topsy turvy, questioning every single dogma that we as mankind held for decades whether it was globalization, addiction to oil or an insatiable appetite to consume Earth’s resources.

The new words that have made it to the lexicon instead are #workfromhome, #shelterinplace, #consumelocal, #lessismore, forcing businesses and individuals to adjust themselves to this new normal.

On average it takes a shade over two months, 66 days to be precise, to form a habit, most of humanity today is nearing that milestone, so expect the new norm to create lasting behavioural changes in a substantial populace.

Now one may wonder, what is this changing behavioural pattern got to do with cybersecurity? Before we get to that, let’s look at the impact some of these changing patterns have on our lives and the way we could use technology in the future;

· Improved productivity on account of WFH could make this a permanent feature of how companies could operate. Pre-COVID, about 17% of employees in the developed world were WFH, this number will go up multi-fold and will be across countries.

· Fear of being crowded places could fundamentally change the entertainment business with consumers choosing to consume the content online through OTT channels. Already some movies are being released directly on OTT.

· Schools that were once a haven for kids, would also have to re-think about assembling kids in confined classrooms especially in a country like India. With smartphones being ubiquitous and bandwidth cheapest, #learnfromhome could become a norm.

· The number of people dying in India has dropped substantially. Whilst, there is a direct attribution to accident-related deaths, there is also anecdotal evidence of lesser visits to hospitals for routine illness resulting in fewer mortalities. We might finally see #telemedicine take off.

There is no doubt that the post-COVID world will look very different, more so regarding the consumption of technology. As far as, home device usage is concerned, the big shift will be from casual usage for surfing or email to carrying out tasks either for your work, learning, entertainment, or even healthcare, and therein lies the rub.

The amount of time one would end up spending on these devices and the information that will be exchanged would be a gold mine for potential cyber-criminals. Already, home PCs are being targeted by criminals for stealing credentials to compromise corporate networks.

There are a few simple steps (like A.B.C.D), that even non-tech savvy users, could undertake to make it that much more difficult for criminals to attack their devices.

A – Antivirus: A simplest of the hygiene product that takes care of most of the standard threats. There are several of them available in the market, paid as well as free versions. Invoke all features including auto content updates, personal firewall, safe internet browsing, etc.

A – Auto-update: First make sure that you have legitimate versions of software on your device, and second the software needs to have an Auto-update feature on. This will ensure that all security patches released by the software provider are automatically updated.

B – Backup: Use free online back sites like Google (15GB), DropBox (5GB), or USB storage devices (128GB USB Driver = Rs.400/$7) to create a retrievable copy of your important data. Create a routine to back up your essential information at least once a month.

C – Credentials: Your user IDs and passwords are key to your online identity, guard them like you would your life. Ideally, memorize them but if you can't, it is ok to use password managers. But please don't write it on a post-it or store it in text files or word documents on the computer.

D – Data: Data is the new oil as they say and most of the social media sites thrive on the data that you generate for them by your usage and behaviour. It is important to understand what privacy rights you are giving away for the service you get. Do check the settings and preferences tab of these services and see what they are monitoring.

There is a famous Russian proverb “Doveryai, no proveryai” later on made famous by President Ronald Reagan “Trust, but verify”. This proverb is quite apt for our times especially in the context of the social engineering attacks that are on the rise as attackers take advantage of our curiosity and/or ignorance. Let's curb this behaviour and avoid clicking on links or responding to the emails that look suspicious.

In the meantime, let's stay safe, maintain social distancing, and see each other on the other side.

By Pankit Desai, Co-founder and CEO, Sequretek