Humans, as a weak point of computer security in this time of pandemic
Cybersecurity has been going through a tough time lately.
Indeed, with the expansion of remote work, and explosion of Internet traffic, hackers are more motivated than ever. The use of telework in a hasty but massive way has put companies' security systems at risk. They are obliged to open the network to facilitate telework for their employees.
This article will also interest you: Top 5 Cybersecurity Threats That Take Advantage of the COVID-19 Pandemic
And this, under the opportunistic eye of cyber criminals. Just to see the increase in cyber-malicious acts to confirm that this moment is benefiting them. The main activity of these cyber-prisoners revolves around the creation of websites. These websites obviously deal with the theme of the moment, coronavirus. The goal is to attract the maximum of an Internet user, collect their personal data, or to some extent install malware on their devices. With all this system in place, they will be able to enjoy it in their own way. Yann Gazoni, a computer security engineer at Adimian, said at the time: "The biggest activity for hackers at the moment is to set up websites dealing with coronavirus and to spread links to the evolution of the epidemic. Their usual springs – playing on fear and pressure – are currently enjoying a rather favourable ground… ».
This tendency for cyber criminals to attack Internet users highlights a very obvious reality, something that has been known for a very long time. Human beings are above all the weak point of cybersecurity. While it is true that no computer tool is 100% secure, the fact remains that vulnerabilities in computer tools cause fewer problems than those of humans. "The weak link in cybersecurity lies less in computer hardware than in individuals. Machines loaned by companies operate on local networks, without external connections, offering some form of protection against viruses. In these circumstances, the main result of cyber-risk is the lack of computer hygiene of employees confined to their homes. Indeed, the separation between work and private life appears more blurred.
A person in the household may inadvertently infect the protected professional network by surfing dubious sites. Stresses the engineer. Clearly, no matter what system is in place, if the people involved in the chain do not have good digital hygiene, no security will be effective, even at 50%. "Employees have little awareness of the importance of properly securing VPNs or "virtual private networks" that allow them to work from home. They usually use so-called "weak" passwords. Because the containment situation is favourable to e-commerce, it sometimes only takes a click on a link that reproduces the alert of a parcel tracking system to be "hooked". The virus forces the VPN password in thirty seconds and connects to the company's network. Yann Gazoni adds.
Therefore, the cybersecurity engineer emphasizes digital hygiene first. Good practice is a good way to preserve the integrity of its system. From passwords to email reception management, you need to be framed and seriously reconsidered. Some computer programs can help. In addition, it will be beneficial for companies to build a good strategy involving both hardware and humans. Good employee training is needed for others directly involved in the security strategy. Humans being the main flaw, any action to minimize its impact on the danger of computer systems are important.
In addition, "You should also not wait too long to do a system update when it is proposed, as they fix the flaws. Finally, I advise managers to clearly identify these major security risks, before communicating with employees. And rather than delivering bulk advice, it's better to distill it concisely and regularly. notes the computer security expert.
Beyond all this, companies need to think about the post-pandemic. Because other problems may arise.
Now access an unlimited number of passwords: