Since the middle of March there has been an official emergency in the United States and many other countries around the world due to the global pandemic triggered by the virus. Restaurants will remain closed, airports will be closed and home offices will become an everyday occurrence for many employees in order to reduce the number of cases of infection as far as possible.
However, this increases the risk that employees of a company become victims of social engineering or phishing attempts. The more isolated work and the greater distance to colleagues and the company infrastructure make employees more attractive targets for attacks. An attempt is made to use the distance to manipulate employees and to gain access to a company’s network and data. An example of this is the method of disguising and disseminating documents with malware as alleged information about the corona virus. The individual fear of those affected is particularly exploited for criminal purposes. If these documents are then opened on company computers or private computers with access to the company network, it is already too late.
“The Cybersecurity and Infrastructure Security Agency (CISA) warns individuals to remain vigilant for scams related to Coronavirus Disease 2019 (COVID-19).
Home Office Combines Business Hacking Risks
Another danger arises from the increased digital and telephone exchange among employees, which is required by the home office. This form of communication offers a larger area of attack for social engineering. This danger increases again exponentially if private equipment such as computers and telephones are used for working in your own four walls. These usually do not have the same security standard as the equipment in the office and are easier for potential attackers to identify.
It is therefore important for companies to protect their employees and consequently themselves in the home office. In addition to the use of equipment, the security of which is checked and guaranteed by the company, the establishment of a human firewall is essential to protect yourself. Through targeted security awareness training, employees must be trained to recognize, prevent and then report incorrect content, malware and attempted social engineering. This means that every single employee can actively contribute to the security of the company and its data.
