With businesses moving to more digital and remote ways of working to curb the spread of COVID-19, small and medium firms are now even more exposed to cyber threats.
According to New Zealand’s national Computer Emergency Response Team (CERT NZ) there has been a spike in COVID-19-themed scams, including those designed to attack remote working systems like Nefilim ransomware.
“Reports of incidents were up 38% last year; from 3,445 in 2018 to 4,740 in 2019 according to CERT. The top three attacks were phishing and credential harvesting, scams and fraud, and unauthorised access,” said Andrew Beven, cyber insurance specialist at business insurance provider NZI.
“But just like risks to the physical security of your business, you can protect yourself against cyber threats with the right preparation and tools.”
NZI offered the following 10 cyber safety tips for businesses:
- Use strong passwords with multi-factor authentication – this includes multi-factor authentication to secure company devices.
- Don’t ignore software updates – cybercriminals can use weaknesses and security loopholes in outdated software to access a company’s devices and network.
- Train employees to be cyber-safe – ensure that employees are trained to use any new devices or software and know how to spot and report a cyber incident.
- Install anti-virus software – make sure the anti-virus software is set to automatically install updates, to protect against the latest threats and viruses.
- Use a business VPN – a virtual private network (VPN) creates a secure web connection between home devices and office networks so staff can safely share data while working at home.
- Remember to back-up important information – this includes data critical to the business, such as customer details and financial information.
- Keep portable devices secure – aside from cyber security, physical security is also important, in case an employee’s home is broken into and a device is stolen.
- Assess risk in the home office – talk to employees one-on-one to assess their home work environment and discuss any changes they need to make to their work processes.
- Stay cyber-clean – conduct an IT audit as least yearly, checking passwords, software updates and the security of the VPN.
- Insure against the unexpected – NZI helps customers build cyber resilience by helping them understand and prepare for cyber risks and providing cyber insurance.