Cybersecurity of connected objects and remote work

What is a critical approach to the two realities of the word digital?

Distance work has now become a professional standard. A lot of companies are switching to this model of work. Unfortunately, this system has also constrained, the massive use of personal tools in the context of work. And that did not put the issue of cybersecurity, which was at first, a very pervasive problem.

This article will also interest you: Confinker: Connected objects to the test of an old computer program

According to a study conducted by Loockout, a cybersecurity firm, the first quarter of 2020 saw an increase in phishing mobile attacks by more than 37%.

In the first three months of 2020, the number of phishing attacks on mobile increased by 37% according to Loockout figures. As is customary, hackers tend to use social phenomena to initiate their cybercrime partner. Either to put certain products up for sale, or to use any situation to extract money from careless users

"The attackers will always exploit societal events such as health crises, political campaigns or major product launches to encourage their victims to forget about safety warnings.

By exploiting a more personal theme that generates an instinctive reaction, the attacker creates a situation where his victim will no longer inspect the link or web page he presents and click on it without thinking. Lookout.

According to the security company, even before the coronavirus pandemic, it was like 50% of users of the Microsoft Office 350 or Google G Suite suites were much more exposed to cyberattacks than others. The trend continues with the tools provided by the tech giants. This is also the case with Alexa, Amazon's voice assistant. It is understandable then that the possibility of attacks from cyber criminals can exchange names such as circumstances and opportunities at any time.

Indeed, the majority of people believe that a phishing attack will necessarily come from a corrupt email, which will lead the user to a fake site that will raise their credentials or other information. While in practice, the majority of links but not to fakes come once from SMS or social networking platforms such as Facebook, Twitter or WhatsApp. Mobile users are now the most targeted by this type of campaign. Especially the links no longer know exclusively to direct to default website. They can be used to infect the victim's device, automatically running malware, which can be useful to hackers to exfiltrate the information they want or even spy on the targeted user.

For this reason, information system security teams must realize that simple tools to protect against cyberattacks cannot protect their systems and employees from such acts. Several practice safety measures need to be put in place. This includes the use of VPNs, the implementation of multi-factor authentication, and the use of MDM (Mobile Device Management) solutions for the management of these devices. In addition to this a picky control must be organized around user differences because no matter which security measure developed, the main flaw is the human being.

The security company Lookout said: "Your IT and security teams can no longer rely on their traditional security infrastructure to protect the business.

Mobile devices must now have the same level of protection as desktops.

Integrating a mobile security platform into your organization's security strategy will both secure the devices and ensure compliance across the entire mobile fleet, protect employees from mobile phishing, and eliminate any risk of mobile fraud for consumers.

By understanding the extension of the threat environment, you can train your employees on ways to detect phishing attempts and malicious activities.

The first line of defense against a phishing attack is none other than users, and their training in mobile security is therefore a high priority for any company.

Your mobile security platform will also need to be able to protect both employees and consumers from the entire spectrum of mobile risks. ».

Now access an unlimited number of passwords: