Cybersecurity and covid-19: better protection in this time of health crisis
Many situations today make it easier to set up computer attacks and other cyber-malicious practices.
This is due in particular to the increasing number of teleworkers and individuals who connect much more to the Internet because of containment. There are more than 50 countries that have adopted containment to stop the virus from advancing. If we do the count correctly, we will talk about almost 3 billion people. This has had a considerable influence on bandwidth consumption, which is of course to the liking of cyber criminals.
This article will also interest you: The global health crisis in favour of cybercrime
Acts of cyber malice have become fashionable. On the other hand, companies have decided to opt for telework. However, poor adaptation of remote work can create more problems than solving the solution. "Telework is proving to be the "solution" of business continuity at least for companies that are already organized and for the functions that can. Uncontrolled implementation of telework can significantly increase security risks for companies or organizations that use it. It may even jeopardize their activity in the face of cybercrime that is redoubling its efforts to take advantage of this new opportunity (but also increasingly in the face of state-sponsored groups). highlighted Sophie Di Meglio of Swiss Risk and Care.
The question of the resurgence of cybercrime in this period of health crisis is a challenge for several institutions. FINMA, in a march 19 press release, noted: "In the current coronavirus situation, there is an upsurge in phishing fraudulent emails. Cyber criminals try to take advantage of the insecurity and impersonate different senders to send malware." This was confirmed in a report published by Europol on 27 March 2020.This report describes the extent to which cyber-prisoners are taking advantage of the health crisis, but not limited to the internet. Several other swiss confederation institutions, including the Information Security Registration and Analysis Centre and the National Network for Supporting Investigations in the Fight Against Computer Crime, have alerted Internet users and other users of digital services to the danger these days. The idea of motivating the majority of individuals to adopt the best possible practices to deal with this wave in cyber malice. State structures and private companies are organizing to effectively combat the rise of digital crime. We remember this group of 400 computer security experts from 40 different countries who decided to create the famous League to fight cybercrime. This structure has been in place since March 27. The aim is to dismantle the networks of cybercriminals and to protect the health institutions, which are unfortunately on the front line in this war.
In addition, another significant measure is the cyber insurance system. Indeed, it is important for all structures to have insurance at this level. However, due to some difficulties in terminology and the organization of insurance policies, other problems may arise. Therefore, cyber insurance yes but this does not exclude liability of the insured when certain provisions will not be present to ensure a minimum of security taking into account the conditions and requirements of the moment. Sophie Di Meglio wrote: "Some policies, when they insure technical failures in addition to computer malice, may include an exclusion to ensure that it is maintained in Computer Security. Thus, an exclusion may require anticipating the operational need, even if it is higher than normal. In other words, in a context such as massive use of telework or if there is a lack of staff available for server maintenance, any technical failure resulting from this situation resulting in a total or partial unavailability of the computer network would not be covered. ». In other words, my insurance provisions are not likely to encourage the company to neglect good safety practices. Prevention is always the order of the day.
Apart from that, good practices remain the same:
– Focus on dual-factor authentication.
– Continue to back up its system on a regular basis.
– Use a private virtual network for remote and even internal exchanges
– Regularly update its software and systems.
– Set up an electronic correspondence control system.
– Check the identities of the people you deal with every time there is a transaction going on.
Now access an unlimited number of passwords: