Like other businesses, firms have taken measures to mitigate COVID-19 related risks. These include, employees and associates working remotely or video conferencing to maintain efficiency while social distancing policies are in place.
Although focusing on the health of members and associate is important, it is also imperative to be aware of the cyber security vulnerabilities that are manifesting as well.
As workers accustom themselves to remote processes, financial firms should take steps to protect themselves and their clients from an influx cyber-attacks on home networks.
In March 2020 FINRA released a notice that firms should take appropriate measures to protect client information on business and home networks as well as mobile devices and tablets.
Cyber Attacks On The Rise
Cyber attacks related to financial relief checks went up in the last few weeks, while hackers continue to target vulnerable individuals.
Cyber security firm Check Point reported an average of 14,000 coronavirus-related cyberattacks per day in the past week, six times the average daily attacks in the second half of March. Additionally, this recorded number shot up to 20,000 daily attacks since April 7.
Coronavirus (COVID-19) related scams are growing exponentially as job loss, social distancing and unsecure home networks provide the conditions for hackers. Phishing scams, investment fraud, and fraudulent CDC emails are just a few ways cyber attackers are leveraging the virus.
According to a recent article by The Hill, the FBI saw a spike in reported cyber crimes on its Internet Crime Complaint Center (IC3), as hackers and cyber criminals take advantage of Americans’ move towards primarily online activity.
Home and Office Networks
Establish a secure connection when accessing your firm’s work environment. This can be done by setting up a VPN Virtual (Private Network) or partnering up with a Managed Services Company that can secure your network.
When using a Wi-Fi connection, secure it with security measures like WPA2 or HTTP strict transport security. These measures prevent hackers from accessing your network or infiltrate your site with man-in-the middle cyber-attacks.
Update software and patches regularly. Cloud security and compliance platforms like Workplace, which is used and integrated by Nerds Support as well, automatically run a diagnostics on potential security vulnerabilities on work devices.
Make changes to the user names and passwords of home Wi-Fi routers if they use default user names and passwords.
Always lock your screen when leaving your devices. Whether you are in a shared work environment or alone, it is never a good idea to leave your devices open when unattended and out of sight.
File and back-up your data frequently. For example, Nerds Support backs up all of our client data and store it in an offsite data center that can be accessed through our cloud network. This means that data can never be lost and guarantees all personally identifiable information (PPII) is safe and accessible by the firm.
Although we’ve gone over COVID-19 related cyber attacks in another blog, we’ll briefly review them here.
- Phishing scams that reference COVID-19, the coronavirus or related information.
- COVID-19 phishing scams that ask for personal information.
- Phone calls that request personal information like a password or payment card information. This is known as Vishing.
- Strange or suspicious emails that come with a link or attachment and request you to open them for “special offers” or deals.
Understand your firms policies and establish a business continuity plan. In the event of a security breach, an outage, a stolen or lost device, or phishing attack, what steps is your firm taking to remediate the issues?
When using a video conferencing app or service, ensure the appropriate security measures are included in their policies.
Develop a structure for access to sensitive data and systems.
Provide staff with all the necessary contact information. Establish a plan for communication (where and how). Are you communicating through a VoIP system or Video conferencing application?
Assess and Verify
Do not hesitate to alert your IT department or team when confronted with any of the issues we’ve discussed. It is not uncommon for remote workers to overlook these points. Keep constant communication with everyone in your IT team to ensure all protocols are being followed and your systems remain aligned within regulation standards.
If you want a free IT Assessment to verify your systems are secure you can always contact us here.
Now is the perfect time to assess your technology. Check if your existing IT is up to standard or consider c0-managed services to strengthen your IT capabilities.
Do you know if the computer you use to access client data is safe? Don’t compromise your firm by leaving security vulnerabilities unchecked.