The issue is topical because we now know that remote work has become a standard.
The coronavirus epidemic that has hit the world for 3 months now forces most companies has opted for telework to not stop all activity. However, no one can deny that such a context is very favorable by the spread of another virus: that of computer science.
This article will also interest you: Cybersecurity in the test of telework in times of coronavirus
Cybercrime has been gaining more and more in recent times and this is more than worrying. However, we cannot stop working. It is for this reason that companies and individuals are advised to pay more and more attention.
As we suggest above, telework allows hackers to have more manoeuvring fields. As a result, it is easy for a malicious cyber to impersonate an employee or any collaborator in order to mislead a professional team, for example. And these kinds of cases are not just because of the theory, it really happens. And this is facilitated today by the fact that the work is done remotely between several collaborators and often through information systems that are not really well protected. "France has only begun its digital transformation and is not prepared for the massive telework of employees," warned Alexandre Lazarègue, a lawyer specializing in digital law. David Grout, CTO EMEA of the IT security company FireEye, noted: "Many companies see the number of phishing attacks using COVID19 as an argument, increase and user awareness is key."
In terms of the most common practice in the cybercrime sector, phishing is far ahead. Several thousand e-mails for this type of practice have been detected by security experts. On this point, the objective of cyber criminals remains the same: to steal important information as login credentials (such as usernames and passwords) financial information, etc. Most often attachments are supposed to be malware that will install as soon as you open them. The second major risk that could come from hackers after phishing is none other than the famous ransomware.
Ransoming software is the worst enemy of companies. At least for five years now. the ransoms demanded by hackers will not stop even though you are going through a troubled period. These cyber criminals believe it is time to take advantage of it. They don't even fail to take it from health institutions and small and medium-sized enterprises that for a while thought themselves safe from these cyber-prisoners. At this level, negligence may have caused a real deficit. Good digital hygiene and good practices are essential. and this does not matter the status of the company.
Practices to have good hygiene and protect yourself from cyber attacks
A lawyer specializing in digital law, Alexandre Lazarègue advises 5 essential practices to ensure good digital hygiene.
1 – Make sure you have all its terminals up to date
"Update software and operating systems as soon as they are available. These not only bring new features, they fix vulnerabilities. explains the lawyer
2- Make backups
Alexandre Lazarègue stresses: "Regularly back up data on media not connected to machines (external hard drive, USB key). »
3- Access must be protected by strong passwords
"Passwords must be robust and differentiated according to usage. There is also a need to restrict access, to manage rights, to compartmentalized uses. »
4- Use a VPN for its distance access
"The employee's connection to his company's information system must be secure. It is recommended to use VPN software that creates an Internet connection tunnel that makes what transits inside incomprehensible to outsiders and makes anonymous Do not connect to public wifi networks. notes Alexandre Lazarègue.
5- Set a verification protocol in the processing of electronic correspondence
In this regard: "You have to be careful in the processing of your emails (often used by hackers to infect a machine). Never open emails whose provenance or form is suspicious (unknown sender, very impersonal style, text visibly translated into French automatically …). When a supplier, for example, submits a new IBAN number for a transfer, a rigorous verification protocol should be triggered beyond a simple email exchange. ».
Now access an unlimited number of passwords: