As the country prepares to go into a three-week lockdown from midnight tomorrow (26 March) to combat the national Covid-19 outbreak, businesses and employees across South Africa are putting the necessary measures in place to operate remotely. Unfortunately, this may create the perfect storm for cybercriminals to exploit.
This is according to Terence Govender, director of the newly-established IT Advisory division of Mazars South Africa. “During times of crisis, people are naturally more vulnerable to cyberattacks as cybersecurity is understandably one of the last things on their mind. Added to this, during the lockdown period, people are likely to be spending a lot more time online.
“Cybercriminals will no doubt try to take advantage of people and businesses while they are in this vulnerable state,” says Govender, who predicts a significant spike in ransomware attacks and phishing scams in the coming weeks.
This is especially concerning for smaller businesses with employees working from home for the first time, he notes. “While all businesses are at risk to cyberattacks, SME’s tend to be most vulnerable as they typically have fewer measures in place to protect their systems and data. And with staff working remotely, IT personnel may not be monitoring systems on a realtime basis – assuming they have not invested in realtime monitoring software.
“Another major target will be businesses operating in the medical, health and pharmaceutical industries – where cyberattackers are already claiming vaccine formulas in return for cryptocurrencies such as bitcoin,” Govender adds.
To guide businesses on how to minimise the risk of becoming cybercrime targets while staff are working remotely, Govender has provided the following checklist:
1. Ensure that all employee laptops have up-to-date anti-virus software and that all systems, including emails and USB ports, are enabled in order to be scanned;
2. Ensure that the relevant Virtual Private Network (VPN) software is enabled and/or two factor authentication (2FA) is implemented;
3. Where possible, ensure that hard disk encryption with maximum password requirements are applicable;
4. Ensure that the remote work security policies are the same as working on the network in the office;
5. Deploy collaboration software on laptops ahead of time and advise staff against downloading and/or configuring software independently or via instructions; and
6. Remind staff to change their passwords as per the password policy and do not allow for an extension of the period for password changes, eg. from 30 days to 90 days.
7. Remind staff not to open any suspicious emails, or emails from unknown sources at this time.
Since most people will be spending a lot of time online as a result of the national lockdown, with many working from home, Govender says that everybody needs to be especially wary of the websites they visit. “During this time, people should stay clear of transacting on sites that do not have the https: in the URL. The S at the end of HTTP, means that the site offers some security.”
And lastly, Govender says to resist the urge to download any Covid-19-related applications. “Rather use certified news platforms to receive updates, as there have already been reported cases of malware that has been written into so-called Covid-19 applications,” he says.