Consider the nightly routine you perform to secure your home before heading to bed: Lock the door, make sure the windows are closed, turn on the porch light, set the alarm system. But what most people might not realize is there's another way for others to break in and take possession of your valuable assets—by accessing your computer and smart devices.
And since a lot of us are working from home and learning virtually as a result of COVID-19, cyberattacks are on the rise. “Distractions and sometimes complacency can make workers more vulnerable in a home office," says Douglas R. Lomsdalen, information security officer at California Polytechnic State University, San Luis Obispo. “Workstations used at home should be used exclusively for work purposes. Support for compromised or nonfunctional workstations may be hindered in a work-from-home environment. Keep your personal computer, laptop and mobile devices up to date with the latest patches and upgrades."
Here are additional tips on how to protect against cyberattacks while working remotely, courtesy of information technology experts from Cal Poly San Luis Obispo.
How has COVID-19 exacerbated problems surrounding cybersecurity?
One of the struggles with personnel working remotely is ensuring their state-issued devices are up to date. We've ensured our users know how to access our Virtual Private Network (VPN), enabling them to access campus resources.
What are some of the ways in which hackers are taking advantage of this opportunity?
Malicious actors know our users are away from work, working from home and possibly have their guard down. They're predominantly targeting faculty and staff, but we continue to see attempts to lure in students, too. There has been an increase in phishing emails, especially “You have a voicemail" messages that contain a link to a phishing site.
What's the best way to identify phishing scams?
1. Hover over any links provided to ensure they will take you where you expect.
2. Know what your campus's sign-in URL and page look like.
3. Verify the URL of the sign-in page before you provide a username/password.
4. Think before you click; go directly to the website you need to access content, not via a third-party or external website.
With the increased dependence on Zoom, what do we need to look out for?
All hosts need to be aware of the pitfalls of using Zoom and have the tools to set up safe and secure sessions. Hosts should make sure they know everyone on the “call." If they don't, inquire with that person to see if they belong. Set up Zoom sessions with passwords. Do not share Zoom session details on a public forum. Finally, monitor for outdated Zoom clients and update those needing critical security patches.
Which steps can be taken to safeguard our homes against cyberattacks?
1. Install anti-virus software.
2. Keep devices updated.
3. Back up important information.
4. Create/use strong passwords (don't reuse).
5. Don't share your work device with family members.
Find out more about how the CSU is making a difference in the field of cybersecurity.