SINGAPORE - Mute the microphone and cover up the webcam after a teleconference, and lock the computer screen if you are walking away to take a break.
These are among the measures recommended by SingCert (Singapore Computer Emergency Response Team) to stay cyber-safe while telecommuting - a reality faced by many today as companies increasingly activate their business continuity plans amid the coronavirus outbreak.
In the advisory published on its website on Friday (March 27), SingCert, which is part of the Cyber Security Agency of Singapore, said: "Opportunistic cyber threat actors are capitalising on the situation to conduct malicious cyber activities by exploiting vulnerabilities in solutions or unsecured networks to gain unauthorised access to users' data or the organisation's network."
Employees should therefore also use a secure Wi-Fi network, and send sensitive information over virtual private network (VPN). Change the default password of home routers and also check that security settings are set to enable automatic updates, and disable UPnP (universal plug-and-play), which refers to the feature of allowing devices to discover each other on the network.
Besides ensuring that networks are secure, workers must beware of Covid-19-themed threats, such as phishing e-mails that trick users into giving up sensitive information such as payment details, or scams involving impersonation websites.
Last month, the World Health Organisation (WHO) issued a warning stating that scammers were disguising themselves as WHO representatives via phishing emails and fake websites, among other means, to con people out of personal information and money.
Reports say one such phishing attack involved emails allegedly sent from a WHO staffer luring users to download an e-book on how to protect children and business centres safe during the Covid-19 crisis. Anyone who clicked on the link, however, would end up downloading an information-stealing trojan Formbook.
To prevent such cyber attacks from happening, SingCert said that users should always refrain from clicking on attachments or links from unknown sources. Even if the e-mail or text message appears to be from a familiar source, always double-check details for authenticity, such as in the spelling and grammar of the language.
When unsure, it is preferable to refer to official sources such as the Ministry of Health website for any updates related to the virus.
Organisations, meanwhile, should ensure that their VPN or other remote access services are updated with the latest security patches. They should also enforce strict security policies such as the frequency of change and strength of passwords.
SingCert said: "With Covid-19-related threats escalating on the cyber front and the move to remote access technology as a key means of communication, the need to enforce cyber security is vital for organisations to deliver essential business operations. Hence, organisations and employees need to be prepared, and adopt a heightened state of cyber security to enhance their cyber security postures and stay cyber-safe while telecommuting."
