Since the outbreak of the COVID-19 pandemic pivoted organisations to activate online and virtual working modes, there has been a rapid spike in cybercrime. While the pandemic moved leadership of organisations to increasingly adopt the Internet of Things (IoT), technological innovations and digital communications capabilities to drive effective business operations, they also inevitably become exposed to the risk of these realities.
This new paradigm also resulted in remote working conditions for the employees and engagements by business partners. According to Global Workplace Analytics, about 25-30% of the workforce will be working remotely by the end of 2021.
This workplace shift is creating a new work culture among the millennial workforce. The Future Forum Research, which gathered data from 4,700 employees, showed that most people never want to go back to work. The report recorded that “only 12% want to return to full-time office work and 72% want a hybrid remote-office model moving forward”.
This norm has bolstered the market share of several interactive and business communication platforms such as Slack, Zoom, Google Meet, to mention but a few.
However, despite the advantages of working from home favouring both the employers and employees, in terms of operational cost curtailment and flexible working hours, there is an increasing threat from cybercriminals profiting from the business adjustments. A 2021 report by Sophos, a global leader in next-generation cybersecurity, showed a 66% increase in phishing attacks on Nigerian businesses, especially as more employees working from home or remotely became prime targets.
Cybercriminals deploy ‘phishing techniques’ to fraudulently induce individuals or employees to reveal sensitive information, such as passwords, by sending emails purportedly from reputable companies.
1. Work from home means more staff will work online
Working from home means staff will have to rely on several internet servers to ensure they are productive and get the job done. With the unstable internet connection, employees might have to connect to untrusted internet providers, servers or public WIFI to avoid delays in delivering their tasks. The decision to hop on any available network can be due to the demand and pressure from the employers that have the impression that employees are not as productive as they would if they were not working remotely. Employees must be aware that free internet networks are tricky and can open the backdoor for cyberattacks on the organisation despite the pressure.
2. The use of Virtual Private Networks (VPN)
Following the ban on Twitter in Nigeria, most Nigerians have had to opt to use virtual private networks (VPN) to access the platform. Although this seems like a harmless solution, the risks of using these networks are enormous. Some of these networks contain malware, which is the second-largest cyber threat facing businesses and organisations, of which Nigeria ranks 5th globally with 46% of all recorded cases.
It is noteworthy that using a free VPN leaves one vulnerable to cyber tracking one’s online activity. Studies have found that 72% of free VPNs embed third-party trackers in their software; this is startling because the critical reason for using a VPN is for privacy while browsing the internet. What this means is that these networks expose individuals to more threats than shields.
3. Have a clear recovery plan
Beyond the precautions, awareness to employees, education on how to recognise a cyber threat and the steps to curb these risks, the depressing reality is that no solution fully guarantees a cyber-threat-free operation. This reality speaks to these hackers’ unrelenting sophistication. It is well known that even tech unicorns and multi-billion dollars corporates such as Facebook, HP, Twitter, Google, Microsoft have all fallen victim to these hackers. It then begs the question, what chance do smaller and growing businesses have?
Since one cannot guarantee full proof of being a victim, it is better to guarantee limited or zero financial exposure should the worst occur. So it is essential to take deliberate actions.
DISCLAIMER: Comments expressed here do not reflect the opinions of FraudXpose or any employee thereof.