• Home
  • ABOUT US
    • PROFILE
    • GOVERNANCE
    • PARTNERSHIP
    • WORK WITH US
  • ADMISSIONS
    • STUDY WITH US
    • COURSES
    • APPLY ONLINE
      • GOVERNMENT SPONSORED
      • SELF SPONSORED
  • SCHOOLS
  • LIBRARY
    • INSTITUTIONAL REPOSITORY
    • REMOTE ACCESS
    • PAST EXAM PAPERS
    • LIBRARY CATALOGUE
    • E-RESOURCES
  • STUDENT LIFE
    • STUDENT LEADERSHIP
    • SPORTS
    • CLUBS AND SOCIETY
    • UNIVERSITY HEALTH
    • COMMUNITY SERVICE
  • MEDIA
    • UNIVERSITY DOWNLOADS
    • P.I.U BLOGS
    • EVENTS
    • GALLERY
  • CONTACT US
Have any question?
+254 740 635 657 |+254 700 372 354 |
info@piu.ac.ke|
E-LEARNINGEXAM PORTAL
Pioneer International UniversityPioneer International University
  • Home
  • ABOUT US
    • PROFILE
    • GOVERNANCE
    • PARTNERSHIP
    • WORK WITH US
  • ADMISSIONS
    • STUDY WITH US
    • COURSES
    • APPLY ONLINE
      • GOVERNMENT SPONSORED
      • SELF SPONSORED
  • SCHOOLS
  • LIBRARY
    • INSTITUTIONAL REPOSITORY
    • REMOTE ACCESS
    • PAST EXAM PAPERS
    • LIBRARY CATALOGUE
    • E-RESOURCES
  • STUDENT LIFE
    • STUDENT LEADERSHIP
    • SPORTS
    • CLUBS AND SOCIETY
    • UNIVERSITY HEALTH
    • COMMUNITY SERVICE
  • MEDIA
    • UNIVERSITY DOWNLOADS
    • P.I.U BLOGS
    • EVENTS
    • GALLERY
  • CONTACT US
  • Home
  • Blog
  • Blog
  • #COVID-19 HOW TO PROTECT YOURSELF FROM CYBER-ATTACKS WHEN WORKING FROM HOME

#COVID-19 HOW TO PROTECT YOURSELF FROM CYBER-ATTACKS WHEN WORKING FROM HOME

  • Posted by Pioneer International University
  • Categories Blog, School of ICT
  • Date May 5, 2020
  • Comments 1 comment

Some employees are working from home for the first time and other businesses are opting for this kind of arrangement to enable business continuity while meeting their employees’ safety as well However, it is a prime time for cyber—attackers to target businesses as more employees work from home. The attacks can be in the form of malicious software (malware) targeting their personal computers (PC) or phishing emails to intercept sensitive communication such as authorization of payments.

As many companies adopt work-from-home policies in response to the COVID-19 pandemic, cybersecurity is a growing issue. Cybercriminals are seeking to exploit coronavirus to target companies and individuals.

Here’s how businesses and employees can protect themselves online.

As we navigate the challenges posed by COVID-19 and the need to halt the spread of this deadly pandemic, many of us are settling into a routine of working from home. This can pose many difficulties, including how to maintain focus, how to balance other priorities, such as childcare, and how to be productive without requisite tools or dedicated office space – not to mention the struggle to avoid raiding the whole snack cupboard in one day.

There are compromises to be found for many of these challenges in what we hope will be a relatively short-term arrangement. What we must not compromise on is security.

Many cybercriminals are seeking to exploit our thirst for information as a vector for attack. Most commonly, as with other high-profile events, attackers are using COVID-19-themed phishing e-mails, which purport to deliver official information on the virus, to lure individuals to click malicious links that download Remote Administration Tools (RATs) on their devices.

In addition, there have been multiple reported cases of malicious COVID-19-related Android applications that give attackers access to smartphone data or encrypt devices for ransom. The global pandemic has also led to the creation of more than 100,000 new COVID-19 web domains, which should be treated with suspicion, even though not all of them are malicious. (Palo Alto Networks is continually updating the latest COVID-19 related cyber threats here.)

Attackers are also taking advantage of the fact that many people who are working from home have not applied the same security on their networks that would be in place in a corporate environment, or that enterprises haven’t deployed the right technologies or corporate security policies to ensure that all corporate-owned or corporate-managed devices have the exact same security protections, regardless of whether they’re connected to an enterprise network or an open home WiFi network.

Hackers are taking advantage of the panic caused by the COVID-19 outbreak.

The guide serves to protect everyone working from home in these times and

beyond.

Email

We have highlighted some of the most common  security challenges with emails below:

Password Hijacking

This is a process where an attacker steals the email login credentials of an employee. This can be done in many ways such as by using a password-cracking tool, redirecting a user to a malicious website that looks legitimate, looking over the shoulder of a user as he or she types their password, using a keylogger that records a user’s keystrokes as they type in their passwords

The solutions to preventing email compromise are simple:

Change/Use Strong Passwords Employees should use strong passwords. We also recommend that passwords be changed monthly

Avoid Logging into your Work Email from “Unknown” Computers Computers and devices not owned by employees (or the company) are unknowncomputers, as the software and programs running on them are not completely known to the employee and as such should not be used to login to work emails.

Understanding Phishing Scams Phishing scams target unsuspecting users with legitimate looking offers or propositions aimed at deceiving them into giving out information they should not give out.

Content Sniffing

Hackers can eavesdrop on content passing through a network which can allow them to get hold of credit card information, login credentials (usernames, passwords, phone numbers, etc.) and even files shared. Content sniffing is common when users connect to insecure or public networks

Employees can protect themselves from this type of attack by:

Connecting Only to Trusted Networks Working from home means that employees will work with whatever network available. This includes home network and public networks, and both come with different types of risks. Employees, especially those who work on sensitive materials or documents, should only connect to networks that have been tested to be secure (this eliminates using public networks altogether).

Using Secure Browsers Using the right browser is vital for email (and communication) security. Below is a list of secure browsers you should (seriously) consider using as you work from home: Firefox browser, iridium browser, brave

Avoid websites with HTTP and not HTTPS: Websites without a security certificate will display a “Not Secure” notice in the URL address bar. Such websites should either be completely avoided by employees, or they must avoid entering any vital information on such websites (like usernames, passwords, credit card numbers, etc.).

Phishing

This is the fraudulent practice of sending emails claiming to be from a reputable or trusted source in order to induce individuals to carry out an action intended by the hacker or perpetrator.

COVID-19 Phishing Scams

Phishing is a cybercrime where a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking details, and passwords.

How to protect yourself from falling victim to Phishing

Scrutinize the sender’s email address-Email addresses can be easily spoofed. An attacker may create an address very similar to the Manager’s or CEO’s asking an employee to urgently send a file or complete a transaction. Employees should scrutinize emails and pay attention to these nuances, especially if the sender is requesting you to click on a link, download a file or send critical/confidential information.

Analyze the tone of the mail-Phishing emails typically sound urgent or seek to instill fear or panic or exploit the basic human tendency to trust. Unsolicited mails that seem urgent or appears legitimate but asks you to do something unprecedented or mistrustful (e.g., does your manager usually require your username and password because his unfortunately isn’t working?).

Inspect the link or attachment- Don’t click on links or open attachments from unknown sources. Attached links and files are the holy grails of phishing scams. Downloadable files within emails don’t have to be downloaded, and if they are from an unknown source, they shouldn’t be downloaded at all.

Don’t forward suspicious emails to co-workers

Report suspicious emails to the IT department.

Errors in grammar: Phishing emails often contain spelling or grammar mistakes, Note grammatical errors in the text of the email; they’re usually a sure sign of fraud.

Free giveaways and gifts: There’s no such thing as a ‘free gift’!  If you have been approached with special offers, free memberships, discounted products etc., it is likely a scam. It is advised to manually enter the website of the company you’re looking to buy from, and not click on links sent to you

Never donate to charities via links included in an email; instead, go directly to the charity website to donate.

Device Security

How do we protect smartphones, laptops, tabs, computers etc. from unauthorized access? Keeping devices safe when working from home is important as poor device security practices opens doors to cybersecurity challenges.

Here are some simple tips to follow for employees:

  1. Enable password protection on all your devices.
  2. Make sure to use strong passwords. Check the strength of your password here. Strong passwords are typically between 8-12 characters long and contain a mix of alphabets, numbers and special characters.
  3. Set antivirus and system update to “automatic”.
  4. Enable lock-screen and biometric security on devices (where it applies).

 

Network Security

Working from home means that employees are more responsible for their own internet connection than they are at work.

Here are some network security tips to keep in mind:

  • Secure your home router or MiFi devices: The important considerations here are the encryption standard (security level) of the router (is it “WPA”? “WPA+TKIP”? “WPA2+AES”?) and the password strength of the router/MiFi devices. Routers with the encryption standard of “WPA2+AES” are recommended. Every router has a default password. It is recommended that this default password be changed. To change the password, go to settings on the router.
  • Limit network range or radius: Individuals who operate their own home network should ensure that the network radius is limited to the area of use. Networks visible/accessible outside the home can be a strong target for hackers, who can position themselves around long enough to get into the network.
  • Network radius can be adjusted appropriately in the network settings on each router

Wandimi Murage (ICT Specialist at Pioneer International University) & Faith Musyoka (ICT Faculty Member at Pioneer International University)

Share:
  •  
  •  
  •  Tweet
  •  
  •  
  •  
  •  
  •  
  •  
  • Share:
Pioneer International University

Previous post

DEBATE CLUB
May 5, 2020

Next post

HUSTLE YANGU
August 28, 2020

You may also like

HUSTLE YANGU
28 August, 2020

Tell us about yourself and what you do. My name is Mike Omondi Mulinya. I am a 21-year-old full-time student at Pioneer International University, Kenya, pursuing a Bachelor of Arts degree in International Relations and Diplomacy. Visual art, that is, drawing and painting are my hustle. Who influences and inspires …

Share:
  •  
  •  
  •  Tweet
  •  
  •  
  •  
  •  
  •  
  •  
PHYSICAL FITNESS DURING COVID -19 PERIOD
20 April, 2020

Our immunity is on trial with the rising Coronavirus, (COVID-19). The fight cannot be won by the government alone; we all must play a part in keeping ourselves safe. Staying indoors, avoiding unnecessary movements, observing hygiene, and boosting our immunity is all we need to do to help curb this …

Share:
  •  
  •  
  •  Tweet
  •  
  •  
  •  
  •  
  •  
  •  
How to be productive working from home
8 April, 2020

We are living in an unprecedented time where many are working from home as a way of practicing social distancing to curb the spread of Covid-19. Working-From-Home (WFH) has caught many professionals off guard and without enough time and resources to set up proper workstations in their houses. Besides setting …

Share:
  •  
  •  
  •  Tweet
  •  
  •  
  •  
  •  
  •  
  •  

    1 Comment

  1. 720p izle
    December 10, 2020
    Reply

    Thanks for sharing your thoughts. I really appreciate your efforts and I am waiting for your next post thank you once again. Drusie Ossie Cletis

Leave A Reply Cancel reply

Your email address will not be published. Required fields are marked *

Search

IMPORTANT LINKS

  • Blog
  • Debate Club
  • Events
  • Games
  • General Published
  • Mentorship
  • P.I.U Blessed Allamano College of Technology
  • PIU Murangá
  • School of Aviation & maritime
  • School of Business & Management
  • School of Development & Strategic studies
  • School of ICT
  • Sports and Games

Calendar of Events

May 2020
M T W T F S S
 1234
567891011
12131415161718
19202122232425
2627282930  
« Apr   Aug »

SCHOOLS

  • SCHOOL OF BUSINESS AND MANAGEMENT
  • SCHOOL OF DEVELOPMENT AND STRATEGIC STUDIES
  • SCHOOL OF EDUCATION
  • SCHOOL OF INFORMATION COMMUNICATION TECHNOLOGY

STUDENTS LINKS

  • H.E.L.B.
  • Turnitin.
  • Students Email.
  • Microsoft Imagine Academy.
  • Examination Policy.
  • Admissions/Courses.
  • Career Development.
  • IMPORTANT LINKS

  • Year One 2020 Timetable.
  • ICT Support.
  • Faculty & Schools.
  • Equatorial Nut Processors.
  • Pioneer Group of Schools.
  • Pioneer International College.
  • P.I.U Blessed Allamano College of Technology.
  • CONTACT US

    P.O. BOX 33421, MURANG'A ROAD,
    OPPOSITE K.I.C.D, NAIROBI, KENYA.

    (+254) 740 635 657/(+254) 700 372 354

    admissions@piu.ac.ke.

    Copyright © 2021 Pioneer International University. All Rights Reserved.

    • FAQs
    • Site Cookies
    • Site Policy
    • Sitemap
    en English
    en Englishaf Afrikaansfr Frenchde Germansw Swahilihi Hindiar Arabichy Armenianzh-CN Chinese (Simplified)ja Japaneseko Koreanpt Portugueseru Russianes Spanishtr Turkishit Italiannl Dutchro Romanian