Page 171 - Cyber Defense eMagazine September 2023
P. 171

1.  We do not share the same holiday and vacation schedule as cybercriminals

            Cybercriminals know that organizations and their employees are quite understandably less vigilant during
            the summer months and holidays in general and thus focus on these particular times to take advantage
            of a less vigilant workforce. They also know that the summer workforce may be dotted with temporary
            staff  or  contractors  that  may  not  have  had  the  same  security  training  as  their  full-time  staff.  Many
            employees, quite admirably, also continue to work remotely at least part of their days during the holidays
            and  this  creates  a  very  attractive  target  for  cybercriminals...corporate  leaders  working  on  company
            devices  using  public  Wi-Fi  to  connect  to  their  headquarters.  Everyone  has  a  busy  season  and
            unfortunately for us, the busy season for cybercriminals tends to be holidays, weekends and of course
            the summer months.



               2.  Public devices are just that...public!

            Try to avoid using public devices during your travel. It is so enticing to see a very nice, comfortable
            business center and decide to sit down and do some work. These devices are always available to hotel
            guests and employees around the clock and, in some cases, anyone at all who happens to access the
            lobby. These systems can be easily installed and configured with keyloggers or other malware that may
            compromise your login credentials and other personal information.



               3.  Public Wi-Fi is a hunting ground for cybercriminals

            There are things you can do, and more importantly as leaders, there are things that you can enforce
            through corporate policies that will make your organization more secure. One is to confirm that while
            traveling and working outside the office, you are using a secure Wi-Fi connection or simply using your
            mobile wireless connection to ensure encrypted transmissions between your device and the Internet.
            This can minimize, or even eliminate, the risks of popular attacks like Man-in-the-Middle (MitM) attacks
            where you may really be attached to a private router even though you assume that you are attached to
            a trusted router, or malware injections where someone else on the same wi-fi network is infecting your
            device with malware from another device on the network. Another thing you can do is to use a Virtual
            Private Network or a VPN once you connect to your public Wi-Fi. This will create a secure tunnel between
            you and your organization in which all data is strongly encrypted so that if the data is intercepted then it
            will be essentially unusable to whomever intercepted it.




               4.  You wouldn’t call a criminal and tell them you are going away so why post it on social
                   media?


            This is the most difficult one to adhere to and to stay diligent about. Who among us does not want our
            friends and family to know that we are on a beautiful mountaintop with our loved ones and simply enjoying
            life? However, while you are on that mountaintop, it is very evident to cybercriminals that you are not at
            your home, and more importantly, you are definitely not at your place of business. This means that there





            Cyber Defense eMagazine – September 2023 Edition                                                                                                                                                                                                          171
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.
   166   167   168   169   170   171   172   173   174   175   176