This is the second article in our 4 part Cybersecurity series:
As our jobs are changing due to the pandemic; cybercriminals' practices are also changing to take advantage of new opportunities. What are those opportunities? How will their new game plan impact you and your company's security?
In this article, we will look at how cybercriminals have changed their tactics and what you should be looking for to avoid their traps.
Early March 2020 in the United States found most people commuting to their office and working on company-issued workstations. Once the pandemic came into full swing the work environment changed drastically with nearly everyone utilizing remote software to work from home.
For a clear understanding on how remote software works read our article: Working from home: The right infrastructure for telecommuting success
Utilizing remote software increases a companies threat surface by adding more hardware to the equation. The hardware being used to access company assets is typically not company-owned and therefore not controlled by the company. This presents new opportunities for cybercriminals.
Personal computer security risks:
The combination of those 3 (especially 1 & 2) makes for a much easier entry point for cybercriminals.
In 2019 personal computers were twice as likely to be compromised as business computers. Now with many people working from home on personal computers, that number is projected to double.
I was recently on a webinar from one of our vendors and they presented this slide pertaining to phishing attacks in the United States.
Download the complete threat report.
These numbers are telling of where cybercriminals are shifting their focus. Now that personal computers are being used to access corporate networks; cybercriminals are focusing their efforts on this less secure entry point.
91% of cyberattacks start with a phishing email. What does a phishing email look like? Below are a couple of examples:
If there is a link in an email and you don’t personally know the sender OR it is worded in a way the sender wouldn’t normally communicate; don’t click the link or download an attachment. If something looks off; it probably is.
An email pertaining to business will typically be from a domain related to the company. If it’s: @gmail.com, @live.com, @hotmail.com, or @yahoo.com (like above) it should not be trusted without further investigation.
My personal email practice, if the email appears legitimate, is to go directly to the website where the email wants me to take action (verify password, check account status, review my extended warranty....) doing this alleviates clicking on links or downloading a form (aka virus) from an email.
There are other less common methods used by cybercriminals. For more information on those methods read our first article in this cybersecurity series.
At this point, you could start adding cybersecurity terminology to your resume, but I still wouldn’t challenge the IT Cave dwellers just yet.
In part 3 of our cybersecurity series we will look at cybercriminals' ultimate target and how breaches affect those companies.
I know you are all waiting on the 4th and final entry in this series where we will look at what you can do to protect yourself from cyberattacks. With the first 3 articles under your belt you will have an understanding of how cyberattacks are initiated and how likely you are to be targeted; making that final article impactful and easier to understand.
Stay tuned for the last 2 cybersecurity articles coming soon....
Matthew worked with Agave IT Services as a Brand & Content Consultant through 2020. He managed our company transition from Agave Solutions Inc. to Agave IT Services (dba). From our Logo to our online presence and business operations platform; Matthew created a solid foundation able to support our growth into the future.
We are an IT Services and technology company serving the southwestern United States since 2003. We specialize in supporting, managing, and deploying technologies for the AEC industries' unique requirements. We differ from the typical IT service provider in that we handle ALL your technology needs, freeing you to focus on your core business.