69th Day Of Lockdown

Maharashtra65168280812197 Tamil Nadu2024611313157 Delhi173877846398 Gujarat1635692321007 Rajasthan83654855184 Madhya Pradesh78914444343 Uttar Pradesh77014651213 West Bengal48131775302 Andhra Pradesh3461228960 Bihar3359120915 Karnataka292299749 Telangana2499141277 Jammu and Kashmir234190828 Punjab2197194942 Odisha17239779 Haryana172194019 Kerala120957510 Assam9361044 Uttarakhand493794 Jharkhand4621914 Chhatisgarh4471021 Chandigarh2891994 Tripura2711720 Himachal Pradesh223634 Goa70420 Manipur6060 Puducherry57230 Nagaland3600 Meghalaya27121 Arunachal Pradesh310 Mizoram110 Sikkim100
Technology Other News 27 Mar 2020 Ensure your VPN is s ...

Ensure your VPN is strong: Cyber attacks growing as more people work from home

PTI
Published Mar 27, 2020, 7:06 pm IST
Updated Mar 27, 2020, 7:06 pm IST
Change passwords of your home Wi-Fi router to strong and unique ones on every account and device and use two-factor authentication
It is recommended that you update your VPN, network infrastructure devices, and devices being used to remotely access work environments with the latest software patches and security configurations.
 It is recommended that you update your VPN, network infrastructure devices, and devices being used to remotely access work environments with the latest software patches and security configurations.

New Delhi: There has been an increase in the number of cyber attacks on personal computer networks and routers since professionals were asked to work from home in the wake of the COVID-19 outbreak in the country, the national cyber security agency said on Friday.

"Cyber criminals are exploiting the COVID-19 outbreak as an opportunity to send phishing emails claiming to have important updates or encouraging donations, impersonating trustworthy organisations," the CERT-In said in its latest advisory to internet users.

 

The Computer Emergency Response Team of India (CERT-In) said the phenomenon has been witnessed as many organisations have asked their staff to work from home to help stop the spread of the coronavirus that has claimed thousands of live worldwide and infected millions.

"There is an increase in the number of cyberattacks on computers, routers and unprotected home networks used by employees who have switched to remote working due to the spread of COVID-19," it said.

With most employees working from home, the agency said, enterprise VPN servers have now become paramount to a company's backbone, and their security and availability must be the focus for IT (information technology) teams.

"It is important that the VPN service is patched and up-to-date because there will be way more scrutiny against these services," it added.

The CERT-In also suggested some countermeasures and best security practices in this context: Change default passwords of your home Wi-Fi router to prevent hackers from accessing your network; use strong and unique passwords on every account and device and use two-factor authentication (2FA).

Some other countermeasures include: Not allowing sharing of work computers and other devices. When employees bring work devices home, those devices should not be shared with or used by anyone else in the home, it said.

"This reduces the risk of unauthorised or inadvertent access to protected company information," the advisory stated.

It asked users to update VPNs, network infrastructure devices, and devices being used to remotely access work environments with the latest software patches and security configurations.

"Only use software your company would typically use to share files and refrain from using your personal email or 3rd party services unless reliably informed otherwise," it added.

It is recommended that even remote user activity is covered by the organisation's perimeter security tools, the advisory said.

"Ensure that remote sessions automatically time out after a specified period of inactivity and that they require re-authentication to gain access," the CERT-In said.

It also urged IT teams of the organisations to remind employees of the types of information that they need to safeguard.

"This often includes information such as confidential business information, trade secrets, protected intellectual property and other personal information," the advisory said.

"Also, 'remember password' functions should always be turned off when employees are logging into company information systems and applications from their personal devices," it said.

A specific suggestion for IT teams was to "consider Mobile Device Management (MDM) and Mobile Application Management (MAM)."

"These tools can allow organisations to remotely implement a number of security measures, including data encryption, malware scans, and wiping data on stolen devices," it said.

The CERT-In is the country's nodal agency to combat cyberattacks like hacking and phishing and is also mandated to fortify the security of the country's internet domain.

Click on Deccan Chronicle Technology and Science for the latest news and reviews. Follow us on Facebook, Twitter

...




ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT