Online criminals don’t have an ‘off-season,’ so maintaining excellent security hygiene should be a top priority no matter what day, week or month it happens to be. That said, Safer Internet Day is a great opportunity to take a step back, educate yourself on today’s top threats and renew your commitment to strong security. Here are a few key tips and best practices to keep in mind this year:
Combat automated spear phishing attacks
One major security threat every person should be on the lookout for is spear phishing. These attacks involve highly targeted and convincing emails with specific and accurate details about you, your company or your personal life. Their goal is typically to get you to click on a malicious link that will lead you to give up privileged login credentials, download files that spread malware, disclose confidential information or even transfer money. In the past, spear phishing required hackers to go through manual and time-consuming processes, but this will change in 2021. We believe threat actors will combine automated phishing tools and programs capable of trolling social media networks and various websites to unleash a tidal wave of customized, believable spear phishing attacks. By cutting out the manual processes, cybercriminals can increase the volume and success rate of their campaigns. Additionally, as society continues to grapple with the impact of COVID-19, global political strife, and general financial insecurity in 2021, expect to see these automated spear phishing attacks prey on fears around the pandemic, politics, and the economy.
Some security services like DNS filtering can prevent such attacks from succeeding, but one essential best practice to avoid falling victim to a spear phisher is to watch out for the warning signs. Be on the lookout for requests from managers or co-workers that seem out of the ordinary. Check for any details that just don’t add up. Always check the full email address to ensure it’s from a legitimate source, but don’t always trust that either, as attackers can spoof email addresses if your domain doesn’t have the right protections. It ultimately comes down to remaining vigilant and using an abundance of caution. Never download files from unfamiliar senders, skip the link in favor of manually typing in your intended destination, and when in doubt, forward the email to your IT or security department for closer inspection.
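For a mail or security team, the sender checks above can be expressed in code. This is an added example, not part of the original article: it inspects the full From address, the Reply-To address and the SPF/DKIM/DMARC verdicts that a receiving server records in the Authentication-Results header. The domain example.com, the server name mx.example.com and all three messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages (not real mail). "mx.example.com" is the
# assumed name of the organisation's own receiving mail server.
GENUINE = ("From: Sam Lee <sam.lee@example.com>\n"
           "Authentication-Results: mx.example.com; spf=pass; dkim=pass; dmarc=pass\n"
           "Subject: Q1 notes\n\nSee attached.\n")
SPOOFED = ('From: "Dana Reyes (CFO)" <dana.reyes@example.com>\n'
           "Reply-To: dana.reyes@example-payments.test\n"
           "Authentication-Results: mx.example.com; spf=fail; dkim=none; dmarc=fail\n"
           "Authentication-Results: mail.bulk.test; dmarc=pass\n"  # sender-supplied
           "Subject: Urgent wire transfer\n\nPlease pay today.\n")
LOOKALIKE = ('From: "IT Helpdesk" <helpdesk@examp1e.test>\n'
             "Authentication-Results: mx.example.com; spf=pass; dkim=pass; dmarc=pass\n"
             "Subject: Password expiry\n\nSign in to keep access.\n")

def domain_of(header_value):
    """Return the lowercased domain of the address in a From/Reply-To header."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def sender_warnings(raw_message, org_domain, authserv_id):
    """List reasons to distrust the visible sender of one message."""
    msg = message_from_string(raw_message)
    warnings = []
    from_domain = domain_of(msg["From"])
    if from_domain != org_domain:
        warnings.append(f"From domain {from_domain!r} is not {org_domain!r}")
    reply_domain = domain_of(msg["Reply-To"])
    if reply_domain and reply_domain != from_domain:
        warnings.append(f"Reply-To goes to {reply_domain!r}")
    # Trust only verdicts stamped by our own receiving server: a sender can
    # add forged Authentication-Results headers of their own.
    results = {}
    for value in msg.get_all("Authentication-Results", []):
        server, _, rest = value.partition(";")
        if server.strip().lower() == authserv_id:
            results.update(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest.lower()))
    if results.get("dmarc") != "pass":
        warnings.append(f"DMARC result: {results.get('dmarc', 'missing')}")
    return warnings

if __name__ == "__main__":
    for name, raw in [("genuine", GENUINE), ("spoofed", SPOOFED), ("lookalike", LOOKALIKE)]:
        print(name, sender_warnings(raw, "example.com", "mx.example.com"))
```

The lookalike message passes every authentication check because the attacker controls that domain, which is why reading the full address still matters even when the domain protections are in place.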
Be wary of worms targeting home networks
The pandemic forced most of the world to transition to remote work practically overnight. This shift has persisted for the past year and will continue throughout 2021 and beyond. As a result, you can expect cybercriminals will change their tactics and create attacks specifically targeting you while you work at home beyond the protection of most corporate security controls. We expect that cybercriminals will exploit your (likely) under-protected home network as an avenue to access valuable corporate endpoint devices. Malicious hackers will leverage worm functionality modules in malware designed to deliberately seek out and infect company-owned laptops with VPN connections to try to infiltrate corporate networks.
There are two things you can do to make sure your VPN connection doesn’t become a back door to your corporate network. First, make sure your IT or security department has some sort of endpoint protection service installed on your home-based computer. Second, ask your IT department to verify that your VPN requires an endpoint health check before allowing connections back to headquarters. This way, worms preying on home-connected devices to target corporate networks will have more difficulty infecting the computer in the first place, and a computer that is infected or lacks the normal security policy won’t be able to make a VPN connection.
Adopt a password manager and implement MFA
Authentication attacks and the data breaches that fuel them have become a daily occurrence. Cybercriminals have found incredible success using the troves of stolen usernames and passwords available on underground forums to compromise organizations using password spraying and credential stuffing attacks. These attacks take advantage of the fact that many users still fail to choose strong and unique passwords for each of their individual accounts. Just look at the dark web and the many underground forums. There are now billions of usernames and passwords from various breaches, widely available, with millions added every day.
Another way to improve your internet security posture (and that of your employer) is to use a password manager and multi-factor authentication (MFA) wherever possible. Password managers can help create strong, unique passwords for each and every one of your online accounts. This will ensure that attackers can’t use one compromised credential to access multiple accounts. Combining a good password manager with MFA across all your important online accounts is the most effective way to prevent unauthorized access.