The end of lockdown edged ever closer this week, as Boris Johnson revealed that some parts of the UK are only a few days away from being able to visit car showrooms and outdoor markets.
That, along with some schools restarting next week, signals that we’re close to some semblance of normality, including the prospect of organisations reopening their offices.
Of course, it won’t simply be a case of returning to business as usual. Social distancing measures will still be in place, and it’ll take a lot of planning to implement them and satisfy employees’ concerns.
Meanwhile, you still need to manage ongoing threats – including cyber attacks, coronavirus-related scams and employees’ wellbeing – all of which makes this a critical time for your organisation.
Find out how you can stay safe, productive and healthy in our latest COVID-19 round-up.
You’ve probably seen first-hand the increase in cyber attacks during the pandemic, but a new research has shed light on just how extensive the threat is.
According to cyber security company Darktrace, the proportion of malicious email traffic has increased from 12% at the start of the lockdown to more than 60%.
This includes attacks such as fake requests to reset VPNs, bogus Zoom sign-in pages and criminal hackers posing as colleagues on work systems.
For example, Darktrace noted that some cyber criminals have compromised corporate messaging systems and contacted employees to try to get them to hand over sensitive information.
Attacks such as these have been more successful during the lockdown because scammers know the target and subject can only communicate remotely, preventing the the scam being discovered through face-to-face conversation.
Similar spoofing attacks include a criminal hacker posing as a company chief executive asking employees to donate to a health charity, or as an IT support department asking workers to download new software.
Over the past two weeks, cyber criminals posing as the Johns Hopkins Center have sent vast numbers of phishing emails asking recipients to download a document titled “WHO COVID-19 SITUATION REPORT”.
If the recipient opens the attached Excel file, they will be prompted to run an Excel 4.0 macro, which will download the remote access tool NetSupport Manager.
So what exactly does that mean?
Anyone familiar with phishing will know that macros are often where cyber criminals hide their payload. By enabling them, you release malware on your system.
Meanwhile, although it’s a legitimate tool, NetSupport Manager is known for being abused by crooks to gain remote access to – and run commands on – compromised machines.
This is just one of countless phishing scams that’s using the uncertainty surrounding coronavirus to trick people.
To help combat the threat, the NCSC (National Cyber Security Centre), the UK government’s cyber security agency, has created a service to spread awareness of scams cashing in on COVID-19.
Its Suspicious Email Reporting Service allows people to report any suspicious emails they receive. If the NCSC discovers any activity it believes is malicious, it may:
- Block the email address that the email came from;
- Work with hosting companies to remove links to malicious websites; and
- Raise awareness of the scam and the methods it uses.
Many have found the sudden shift to remote working so smooth that they are happy to make it a permanent move.
A Gartner study revealed that 41% of employees want to continue working remotely some or all of the time after lockdown – up from 30% before the pandemic.
However, while there are clearly benefits to remote working, things won’t be the same when offices reopen and there will be new challenges to address.
For a start, working from home in a post-lockdown scenario might feel even more isolating, as you and your colleagues are no longer bound by being ‘in it together’.
Those who return to the office are likely to resume normal work practices and may not be able to make the time to socialise with remote workers.
Likewise, technical difficulties will probably take longer to resolve, as the IT team will once again be prioritising the systems and employees on the premises.
These are issues that organisations and their employees should consider carefully as we ease our way out of lockdown.
Tips for working from home
As we enter the tenth week of lockdown, there isn’t much more advice we can give on working from home – so we’ve decided to recap some important lessons we’ve learned.
- Check that you haven’t accidentally left your camera and microphone on. Mistakes like this could lead to embarrassing or unprofessional situations, or worse yet, could result in information being shared with unauthorised parties.
- Make sure you don’t have any sensitive information in the background when you make video calls.
- Catch up with your colleagues socially. This helps break up the isolation that comes with remote working and is a chance to discuss any lingering problems that might be affecting employees’ productivity and wellbeing.
- Block out time in your calendar when you need to get work done and don’t want the distractions that come with messages and video calls. You can also change the status of your instant messaging client to ‘busy’ or ‘do not disturb’.
The discussion of the effects of coronavirus on organisations has been dominated by the human effects: phishing emails, the pros and cons of working from home and the logistics of getting people back into the office.
But we’re also getting a clearer picture of the way the disruption has shaped organisations’ day-to-day operations.
Our new infographic COVID-19: Cyber Security and Data Privacy Considerations describes the way organisations have been affected, and the steps they should take to address the challenges they face.
Coronavirus: your biggest challenge yet
Between the increased threat of cyber crime, the security threats of working from home and the mental toll that isolation has on employees, coronavirus has presented a huge challenge for organisations.
One virus is enough to contend with. Make sure you’re prepared to tackle whatever else comes your way with our packaged solutions, which include tools and services to help you address remote working best practices, network vulnerabilities and a host of other issues.