Working from home? Protect against cyberthreats

Cybercriminals are taking advantage of the disruption caused by COVID-19 and it is critical consumers and businesses take steps to stay safe online.

From phishing attacks, to malware to data breaches, cybersecurity and threats to consumers and businesses remain a constant concern within the telecommunications industry. That concern has been intensified with millions of employees working from home to slow the spread of the coronavirus.

“The Texas Telephone Association and our member companies take cybersecurity seriously and we encourage everyone to take steps to defend against malicious cyberattacks,’’ said Russell “Rusty” Moore, general manager and chief operating officer of BBT and president of the TTA Board of Directors. “It is more important than ever to remain vigilant online.”

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) in early March released an alert reminding individuals to remain  vigilant for scams related to COVID-19.

“Cyberactors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes,’’ CISA said. “Exercise caution in handling any email with a COVID-19-related subject line, attachment or hyperlink and be wary of social media pleas, texts or calls related to COVID-19.”

CISA encourages individuals to take the following precautions:

  • Use caution and avoid clicking on links or attachments in unsolicited emails to avoid social engineering and phishing scams.
  • Rely on trusted sources – such as legitimate, government websites – for up-to-date, fact-based information about COVID-19.
  • Secure financial information and do not reveal personal or financial information in email and do not respond to email solicitations requesting financial information.
  • Verify a charity’s authenticity before making donations to avoid charity scams.

CISA on March 13 issued an alert encouraging organizations to adopt a “heightened state of cybersecurity” with employees working remotely.

As organizations use virtual private networks (VPNs) for telework, “more vulnerabilities are being found and targeted by malicious cyber actors,’’ CISA said.

When considering teleworking programs, CISA recommends the following steps:

  • Update virtual private networks, network infrastructure devices and devices being used to telework with the latest software patches and security.
  • Alert employees to an expected increase in phishing attempts.
  • Make sure IT security teams are prepared to ramp up cybersecurity response, including detecting attacks, responding to incidents and recovery.
  • Implement multifactor  authentication on all VPN connections to increase security and require teleworkers to use strong passwords.
  • Make sure IT security teams test VPN limitations to prepare for a potential mass usage.
  • Report incidents, phishing, malware and other cybersecurity concerns.