PL
DE
UK
In the midst of the COVID-19 pandemic and working from home, one needs to be especially careful about online security. Cybercriminals are relentless in their increasingly sophisticated activities. What are some examples of cyber attacks in recent months?
According to the National Debt Register, during the pandemic, 41% of Poles use the Internet for business purposes an average of 2 hours longer than before. Most of these people work in the home office model. Digital criminals are aware that many “after-hours” employees do not follow online security guidelines and happen to use business computers for private purposes and vice versa.
Safety rules for remote working
If there is a risk of attack or a threat of data leakage or an attempt to take over the IT environment, it is advisable to check security policy rules, establish security policy rules, clear rules of cooperation and install tools. All this will increase the level of IT security control. It is also important to ensure that the employee has the right software to secure the end devices. If he works on private devices, it is worth providing a license for such software. Then we will secure the data of all employees of the company.
Attacks on remote devices
According to an Acronis survey, representatives from 31% of companies worldwide reported that their employees had been victims of a home office cyber attack. Experts estimate that this percentage will increase in 2021 due to weaker corporate network security outside the office. Personal devices and routers are mainly attacked, as well as Internet of Things solutions. Trend Micro analysts remind us that end users who have regular access to sensitive data will be most at risk of data loss, as well as HR employees, sales managers operating with sensitive customer information, and senior management handling sensitive data. Of course, almost everyone who handles data is vulnerable to attacks.
Loud examples of cyber attacks
- phishing campaigns in the U.S. that talked about vaccination without a queue. This is a particularly exploited context of pandemics, vaccines, based on fear and the basic human need for health and safety. FinCEN, a division of the U.S. Treasury Department, has issued a statement on ransomware attacks, crimes and other scams that exploit this context. Included in this category are: offering non-existent or counterfeit vaccines, illegally shipping genuine preparations to the black market, or offering access to vaccinations outside the current schedule. Other cyber frauds include the sale of non-existent masks, suspicious drugs, and phishing attempts under the guise of false compensation for patients.
- Phishing – impersonation of Netflix service. January 2021. The attack targeted Polish users of the service, who received messages about problems with subscription payments and threats of membership suspension. The messages included a link with “help” that led to a page that looked just like Netflix’s website. There the user was supposed to log in, provide personal information, payment card number, expiration date and CVV code. Phishing could be recognized by the use of very correct language and the absence of any punctuation or grammatical errors.
- Poland’s high-profile ransomware attack on CD Project, a company that produces Cyberpunk game, among others. Cyberpunk encrypted servers, stole source code and a lot of other data for the games “Cyberpunk 2077,” “The Witcher 3” and “Threads.” The thieves said they had copied all documents from the legal, accounting, HR and investor relations departments and demanded a ransom. CD Projekt has not reacted to these revelations, and has focused on recovering the data from the backup and minimizing the consequences of any potential public disclosure.
Cyber security: remember these rules
Find out how to take care of your cyber security.
How to choose a good VPN?