NEW DELHI: With companies across the world turning to work from home, via the online medium amid the COVID-19 outbreak, threats to cybersecurity have increased.
Deepak Bhawnani, CEO at Alea Consulting said: "Companies, large and little, are going to be impacted because of ramifications of work from home, as this will cause cybersecurity risk concerns. Proprietary corporate data is being accessed from laptops and home PCs that will not have an equivalent level of firewall and security as in-office setups.
Management and IT managers will subsequently reassess the risk to their data, and proactively evaluate their data loss prevention processes, as this could impact their reputation going forward, he added.
Further, cybercriminals have also begun to exploit fears round the COVID-19 outbreak to conduct email scams, phishing and ransomware attacks.
Palo Alto Networks' Regional vice chairman for India & SAARC Anil Bhasin said: "Cyber-criminals are exploiting fears involving the COVID-19 outbreak to conduct email scams, phishing and ransomware attacks. These emails and messages entice users to open malicious attachments by offering more information associated with the COVID-19 situation but contain malicious files masked under the guise of links, pdf, mp4 or Docx files.
With employees taking to work-from-home, cybersecurity threat multiplies, says Debasish Mukherjee, VP, Regional Sales APAC at SonicWall.
"These are precisely the times when hackers get creative with their malicious intent of hacking into devices and stealing data," Mukherjee said.
He noted that while caution is being exercised during this epidemic, there's a bunch of opportunistic cyber-criminals who are preying on this fear by developing malicious links and apps to hack devices and steal data. From creating malicious links to developing otherwise unsuspecting apps, the hackers of the digital age are becoming creative in executing their attacks.
Trishneet Arora, Founder & CEO of TAC Security noted that the low-security standards of home Wi-Fi systems, are a significant threat for the cybersecurity sector at the time with data of many people at stake.
"A few isolated incidents of cyber crimes have already been seen with unsafe links resulting in the theft of sensitive data. For instance, people are offering fake maps that show infected users, this needs the person to download software to get fake maps, successively making it a security concern," Arora said.
He observed that the role of cybersecurity companies at this moment is more critical than ever. it's essential at this moment to observe baseline behaviours and any anomalous cyber activity should be looked into in real-time basis.
Bhasin of Palo Alto Networks was of the view that employers ought to prepare employees who are unaccustomed to remote working to navigate the challenges involved.
This can be done through an informative framework to show staff the way to identify and avoid risks, as well as outline the clear procedures to follow just in case of a cybersecurity incident, he added.
Among other precautionary measures, he said that sensitive systems and data should even be restricted where possible, with access reviewed and granted to essential teams only. It should even be ascertained that work devices encrypt data at rest and are ready to protect data on the device if it's lost or stolen.
Michael Sentonas, Global CTO of CrowdStrike said that crisis management and incident response plans need to be executable by a remote workforce.
"A cyber incident that happens when a corporation is already operating outside of normal conditions contains greater potential to spiral out of control," he said.
He added that effective remote collaboration tools -- including out-of-band conference bridges, messaging platforms and productivity applications -- can allow a dispersed team to make a "virtual war room" from which to manage response efforts.
"At this moment, there's a requirement for the cybersecurity industry to be more dynamic and responsive than ever before," said TAC Security Founder Trishneet Arora.