June 17, 2020
Share this post:
The big shift to remote working has meant huge changes in how we do our jobs, including risks we didn’t need to worry about before.
COVID-19 isn’t the only pandemic we’re suffering right now. Our digital lives are under unprecedented attack and the very thing that is meant to keep us safe from the actual virus – staying home – may be increasing our risk of digital infection.
As we socially distance, our online presence has ballooned as we move further into the digital realm, using new and unfamiliar platforms and services and relying on digital communication to stay in touch.
Scamwatch, run by the Australian Competition and Consumer Commission, reports it has received more than 2000 coronavirus-related scam reports with more than $700,000 in reported losses since the outbreak of COVID-19.
It says scams include fake text messages and emails pretending to be from government agencies or businesses such as banks, insurers or telcos, that contain malicious links or try and trick you into sharing financial information or giving remote access to your computer.
“For years we’ve been told to think twice about what we put online – don’t post anything you wouldn’t want your mother to see,” Australian National University (ANU) cybersecurity research fellow James Mortensen says.
“But now we are working from home, we have to learn to apply that test to a lot more platforms, as well as a lot more aspects of our life.” Because it’s not just our private information that is at risk. With the massive shift of Australians to working from home as part of the pandemic lockdown, hackers can also target information from our work world. And that has Mr Mortensen concerned.
“To me the bigger issue in working from home is the sheer quantity and quality of information that would have otherwise not been accessible – from board meetings to schoolyard bullying,” he said.
“This is not simply a privacy concern, but a goldmine for online crimes of harassment, fraud, and general exploitation.”
IBM’s chief technology officer for security in Australia and New Zealand Chris Hockings puts the increase in online attacks through coronavirus related spam and phishing at a massive 14,000 per cent.
“The tough time we are living through has presented an opportunity to attackers, and the data we’re seeing suggests that’s being actively leveraged,” he said.
“They have a specific purpose – to extract value. That can be financial fraud. But it might be other things as well, such as sensitive information.
“People who were working in an office just weeks ago, surrounded by systems that protected the organisation and themselves from harm, are now suddenly working from home. “That changes the risk level for both the enterprise and the individual.”
For some businesses, such change may be merely a matter of scale but for others it’s meant going from zero to remote workplace heroes in just a month and working from home, generally doesn’t mean working alone.
Everyone from cabinet ministers to primary school children are now working online. And that can mean parents and children sharing the same digital ecosystem.
One is accustomed to working in an environment secured for them. The other is used to not applying more than basic protection. When both are in the same place, these two forms of complacency can intersect.
“I personally have no great concern that our national secrets are at higher risk as a direct result of people working from home,” Mr Mortensen said.
“Anyone coming from a secure environment would already be across this. But the point is everyone needs to be aware of unanticipated pitfalls.
“As a general rule, the kids are across more platforms, more complicated platforms, and platforms that are often outside the scope of their guardians.
“Essentially, the vulnerability of kids to these threats might actually be higher, more diverse, or at the very least, much harder to quantify for the average punter.”
It’s a problem best addressed by keeping hardware “socially distanced”.
That means having one computer dedicated to sensitive work. In a dedicated room.
This isolates it – and you – from unintentional exposure.
When sharing a computer or tablet, you never know who has clicked on what.
And that could open up a channel for potential cyber attacks.
It’s also being alert to what’s going on in the real world.
“Security is rarely zeros and ones,” Mr Mortensen says. “It’s your child using Zoom while you have a tense conference call in the background. It’s them sharing your address, your comings and goings …”