Ransomware and remote workers: 8 tips to stay safe
After millions of workers worldwide were sent home following the first wave of lockdowns in March 2020, cybercriminals shifted gears. Amid the chaos of those early days, as corporate IT focused on keeping remote workers productive, ransomware attacks skyrocketed, with the FBI reporting a 62% increase in ransomware reports in the first half of 2021 compared to the same year-ago period. This follows a 20% increase in 2020.
None of this came as any surprise to those of us in IT; the pandemic opened the door and malicious actors were only too happy to walk through. Workers were figuring out how to use new-to-them collaboration tools like Zoom, Microsoft Teams, Cisco WebEx, and others. Vendors were struggling to introduce new features that better replicated the rich collaborative landscape of their now-shuttered office spaces. Business leaders straddled the precarious line between privacy and productivity, all while keeping virtual offices open.
Thanks to all this chaos, new security vulnerabilities were being discovered daily. And all of this was playing out across the same home networks that the kids were using to stream Netflix, play video games, share TikTok videos, and do school online.
Security wasn’t exactly everyone’s priority, and cybercriminals picked up on it. Most ransomware attacks, like the Colonial Pipeline event, which resulted in fuel shortages throughout the Eastern Seaboard, and the JBS Foods attack, which limited meat supply across the U.S., start with a targeted phishing campaign against employees. With businesses having limited access to effective training resources to combat this rising threat, end-users represented the weakest link in the chain, and easy pickings for opportunistic digital criminals.
TIME TO GET CYBERSECURITY-SERIOUS
Almost two-and-a-half years into this global crisis, employers – and their home-based workers – must shift from a reactive mode to a proactive model. This shift is necessary to protect themselves and their companies from an increasingly challenging threat landscape. With hybrid work becoming more commonplace, employers and their workers have a responsibility to step up their cybersecurity game. Whether you’re working from home full-time or have shifted into a hybrid arrangement, it’s up to you to protect yourself and your employer as if your job depended on it. Because it just might.
With remote and hybrid workers now representing the front line of defense against increasingly sophisticated cyberattacks, these straightforward changes can go a long way towards keeping you and your employer from becoming the next major headline:
1 – Use email and messaging apps more wisely
Most ransomware attacks begin with a message that looks like it comes from a legitimate source – like your VP, or IT team, or a client – but in reality, it does not. Get into the habit of not responding on touchscreen devices like smartphones or tablets. Instead, wait until you’re back at your laptop or desktop PC, then use your mouse to hover over the message header information. Look for anomalies – like extra or missing letters or fake domains – in email addresses and URLs. Do not reply to suspicious messages and never click on links or buttons, either. Dispense with the notion that we need to respond to every message we receive.
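The hover-and-inspect habit above can be turned into a repeatable check. The script below is an added example, not part of the original article: it takes a From: header, pulls out the real address, and flags domains that are one or two characters away from a domain you trust, or that swap in look-alike characters (a digit 1 for an l, "rn" for "m"). The trusted-domain list, the sample headers and the distance threshold are constructed assumptions.

```python
"""Flag sender addresses whose domain is a near miss for a domain you trust.

Added example (not from the article). TRUSTED_DOMAINS, the sample headers
in the usage section and the edit-distance threshold are constructed
assumptions for illustration.
"""
from email.utils import parseaddr

# Constructed assumption: domains this worker legitimately receives mail from.
TRUSTED_DOMAINS = {"example.com", "payroll-example.com"}

# Digits that commonly stand in for letters in look-alike domains.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})

# How many single-character edits away from a trusted domain still counts
# as a look-alike ("extra or missing letters").
MAX_EDITS = 2


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # delete ca
                           cur[j - 1] + 1,         # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def normalize(domain: str) -> str:
    """Lower-case, map digit look-alikes to letters and collapse 'rn' into 'm'.

    This deliberately over-matches (a real domain containing 'rn' is also
    folded), which only makes the check more sensitive, never less.
    """
    return domain.lower().translate(CONFUSABLES).replace("rn", "m")


def check_sender(from_header: str) -> str:
    """Classify a From: header as 'trusted', 'lookalike' or 'unknown'.

    The display name is ignored on purpose: it is free text the sender
    controls, so only the address part after '@' is examined.
    """
    _display_name, address = parseaddr(from_header)
    if "@" not in address:
        return "unknown"
    domain = address.rsplit("@", 1)[1].lower()
    if domain in TRUSTED_DOMAINS:
        return "trusted"
    norm = normalize(domain)
    for trusted in TRUSTED_DOMAINS:
        # Same name once look-alike characters are folded, or a few letters off.
        if norm == trusted or edit_distance(norm, trusted) <= MAX_EDITS:
            return "lookalike"
        # Trusted name used as a leading label of some other domain.
        if domain.startswith(trusted + "."):
            return "lookalike"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample headers for a quick run.
    for header in ("Pat VP <pat@example.com>",
                   "IT Helpdesk <help@exarnple.com>",
                   "Billing <billing@examp1e.com>",
                   "News <news@examplee.com>",
                   "Friend <friend@mail.example.org>"):
        print(f"{check_sender(header):<10} {header}")
```

A result of "lookalike" is a reason to stop and verify through a known channel, not proof of an attack; "unknown" simply means the domain is not on the trusted list and deserves the same hover-and-read scrutiny the article describes.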
2 – Smarten up your passwords
Weak password protocols and habits can significantly expose you and your organization to an attack. Update your password game with new, strong, unique passwords on all your corporate and personal accounts. Never use the same password for more than one purpose. Instead, use a unique password for each app, website, or service. Never use an easily guessed password, like a pet’s or a partner’s name. Change them often: at least quarterly, but ideally monthly. Use strong passwords – mix in upper- and lower-case characters, as well as numbers and special characters. Even better, use passphrases, as they can be even more difficult to crack. Use a password manager if you’re having trouble managing them all – because as much of a hassle as it is to be password-safe, it’s an even bigger hassle to recover from a cyberattack.
3 – Update your devices and apps
Cybercriminals just love targeting devices whose software hasn’t been updated in a while, as they lack critical security patches and fixes and are consequently that much more vulnerable. For any internet-connected device on the same home-based network that’s also being used for corporate work, make sure you’ve updated to the latest version of the operating software or firmware that runs it. Do the same for your apps and your browser.
Pro Tip: Turn on auto-update for all your devices, apps, and browsers to minimize your exposure to fast-emerging threats. Check with your IT department to ensure they’re keeping corporate-deployed hardware maintained from their end, as well.
4 – Set encryption to kill
Encrypted data is like the secret decoder rings of our childhood: bad guys can’t read it unless they have the ring. To them, it’ll be gibberish. Use a virtual private network – VPN – to encrypt all traffic on all devices. Many devices, apps, and services now have encryption built into the settings – all you have to do is turn it on. If all of this sounds like gibberish to you, reach out to IT to ensure they’re applying the latest levels of encryption to all devices and apps that you’re using to get work done.
5 – Tighten authentication
If you aren’t using two-factor authentication (also sometimes referred to as 2FA, or multi-factor authentication/MFA) stop what you’re doing and activate it now. It ensures that even if your password is compromised, there’s another layer of security – like a fingerprint or facial scan – to go through.
6 – Check file extensions carefully
Ransomware attacks often originate with infected email links – and clicking on those links could unleash enormous damage to the corporate network. One of the best ways to protect against this type of attack is by getting to know which file extensions are most likely to harbor malware and other threats. If you receive a link to a file with the extension .VBS, .EXE or .SCR, do not click on it. Instead, check with the IT team, as these executables could be carrying dangerous payloads. Pay close attention to Microsoft Office extensions, like .DOCX, .XLSX, or .PPTX, as well, as they, too, could contain automated scripts that, upon the file being opened, infect your device with malware.
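The extension check above is easy to get wrong by eye: a name like "Q3-report.pdf.exe" reads as a PDF at a glance, and a filename can be hidden in a link's query string rather than its path. The script below is an added example, not code from the article: it extracts the filename from a link or path, looks at every extension in the name, and returns "block" for executables (the article's .VBS, .EXE and .SCR plus a few other Windows-executable formats, an assumption extended beyond the article), "review" for Office documents (with the macro-enabled .DOCM/.XLSM/.PPTM variants called out separately), "ok" for ordinary files, and "unknown" when no extension is visible. The sample links are constructed.

```python
"""Classify a link or attachment name by its file extension before it is opened.

Added example (not from the article). The extension sets below are an
assumption that extends the article's .VBS/.EXE/.SCR list; the sample
links in the usage section are constructed.
"""
from urllib.parse import urlparse, parse_qs, unquote
import posixpath

# Directly executable or script-interpreted formats on Windows.
EXECUTABLE = {"exe", "scr", "vbs", "js", "jse", "bat", "cmd", "ps1",
              "msi", "com", "pif", "hta"}
# Office formats that may carry automated scripts (macros).
OFFICE = {"docx", "xlsx", "pptx", "doc", "xls", "ppt"}
# Macro-enabled Office variants: the extension itself says a macro may be present.
OFFICE_MACRO = {"docm", "xlsm", "pptm", "dotm", "xltm"}
RISKY = EXECUTABLE | OFFICE | OFFICE_MACRO


def extensions(name: str) -> list:
    """Every extension in order, e.g. 'invoice.pdf.exe' -> ['pdf', 'exe'].

    Trailing dots and spaces are stripped because Windows ignores them when
    deciding how to open a file.
    """
    name = name.strip().rstrip(". ")
    parts = name.lower().split(".")
    return parts[1:] if len(parts) > 1 else []


def filename_from_link(link: str) -> str:
    """Pull the filename out of an http(s) URL, a Windows path or a bare name."""
    parsed = urlparse(link)
    if parsed.scheme in ("http", "https"):
        # A download link often carries the real name in the query string
        # (?file=...). Prefer any query value with a risky extension, then
        # fall back to the last path element.
        for values in parse_qs(parsed.query).values():
            for value in values:
                exts = extensions(value)
                if exts and exts[-1] in RISKY:
                    return unquote(value)
        return unquote(posixpath.basename(parsed.path))
    # Local or UNC path: normalise backslashes so basename() works.
    return posixpath.basename(link.replace("\\", "/"))


def classify(link_or_name: str) -> tuple:
    """Return (verdict, reason): verdict is 'block', 'review', 'ok' or 'unknown'."""
    exts = extensions(filename_from_link(link_or_name))
    if not exts:
        return ("unknown", "no extension visible")
    last = exts[-1]
    if last in EXECUTABLE:
        if len(exts) > 1:
            # Double extension: the visible ".pdf" is a disguise for ".exe".
            return ("block", f"executable .{last} hidden behind .{exts[-2]}")
        return ("block", f"executable .{last}")
    if last in OFFICE_MACRO:
        return ("review", f"macro-enabled Office file .{last}")
    if last in OFFICE:
        return ("review", f"Office file .{last} may contain macros")
    return ("ok", f".{last}")


if __name__ == "__main__":
    # Constructed sample links and names.
    for item in ("invoice.exe",
                 "Q3-report.pdf.exe",
                 "Budget.XLSM",
                 "memo.docx",
                 "https://files.example.net/download?id=42&file=Q3-report.pdf.exe",
                 "https://intranet.example.com/share/abc123",
                 "photo.jpg"):
        verdict, reason = classify(item)
        print(f"{verdict:<8} {reason:<45} {item}")
```

"block" means hand it to IT rather than open it, as the article advises; "review" means open it only if you expected the document and, even then, leave macros disabled. Note that an "ok" verdict only says the extension is not on these lists, not that the file is safe.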
7 – Stop oversharing
Revealing too many details about yourself – both on social media and across email and other messaging platforms – could make you a prime target for cybercrime. Review your profile information on all your public-facing accounts. Set limits on who can see what you post – but remember that nothing is ever truly private online. Get rid of old posts that might contain private or sensitive data that cybercriminals could use in a potential attack. Scan your friends and followers and get rid of questionable connections.
8 – Get to know your IT team
When we all worked in physical offices, it was easy to wander over to the IT team whenever we had a problem. With the rise in remote and hybrid work, those face-to-face interactions aren’t always possible, and the cybercriminals know that. One of the most insidious forms of cybercrime involves the impersonation of IT workers. Connect with your team virtually and discuss the current protocols for how IT contacts employees, and the resources they’ve put in place to ensure no one ever successfully impersonates them. Make sure you’ve reviewed and signed off on corporate policies around acceptable use of technology and cybersecurity best practices. It’s there for the taking – but we’ve got to review and understand the rules.
Working from home can be both productive and freeing, but it also opens the door to fast-evolving cyberthreats. As cybercriminals increasingly target at-home workers, it has never been more important to ensure your behaviors aren’t exposing you and your organization to unnecessary risk. You rely on your employer for your paycheck, and the last thing you want to do is be responsible for the next ransomware attack.