How to stay safe from cybercriminals during pandemic?

As more companies adopt work-from-home policies in response to the pandemic, cybersecurity has become a major concern.

Cybercriminals are opportunistic and exploit human weakness and technology gaps to penetrate systems. They do this to gain access to user’s personal data, disrupt organisations IT infrastructure, perform fraudulent financial activity and even obstructing healthcare providers, public systems and networks.

With a larger population now heavily reliant on the internet for work, and also increasingly dependent on digital communications and tools for social networking, financial transactions and several other online activities, the upswing in cybercrime is inevitable.

We spoke to Rohit Sawhney - Systems Engineering Manager, Juniper Networks, to understand the risk and how to stay safe.

Protect sensitive and confidential data

• Organisations should take better ownership in creating micro-perimeters around critical data, applications and services to ensure that only known traffic and applications have access to the assets you are protecting.

• Mobile workers should strictly leverage technologies like IPSEC & SSL VPNs which provides secure and encrypted communication back to the organisation network.

• Remote workers should use multifactor authentication (MFA) to access networks and critical applications.

• Organisations should have zero trust security architecture to ensure users and systems are controlled, while adhering to and protected by common security policies irrespective of the end user location and connectivity

• Organisations should have the ability to filter malicious domain URLs to thwart common phishing attacks. They should have technology means to block exploits, malware and command-and-control (C2) traffic using real-time, automated threat intelligence.

Employees working remotely who notice any suspicious activity pertaining to cybercrime should alert the organisation IT Security team and take advice accordingly.

Remove suspicious apps from handheld devices to avoid data theft. Make sure to immediately change the password for your accounts if they have been breached.

Enterprises facing cyber threats must ensure they analyse the sequence of events that led to cyberattacks by leveraging technologies and solutions like SIEM, Threat Intelligence, Logs from Security Devices.

Tips for enterprises and users

• Enterprises IT security policy should have a framework to provide end users systems with software tools that help in blocking and alerting any unknown malicious activities.

• Enterprises IT Security infrastructure should embrace latest technology trends like Juniper’s Advance Threat Prevention solutions,  critical in preventing cyber threats caused by sophisticated attacks (malware, ransomwares) not controlled by legacy IT security solutions.

• For any organisation, perimeter-only defense model is no longer effective on its own. Security should not be an afterthought. It’s time for enterprises to integrate security into their overall infrastructure and to all endpoints of the network; as demonstrated in Juniper’s Connected Security framework

• Users should refrain from clicking and exploring e-mails/weblinks from unsolicited invites to protect themselves against phishing attacks.

• Users should avoid downloading unsafe and fake apps during a pandemic

• Crosscheck the URL before entering any credentials. Banking websites (and others dealing with finance) use HTTPS (secure HTTP). Ensure these checks are carried out when browsing.

• Use Strong and unique passwords.

• Be careful while using Public WI-FI.