*By Eliana Francisco
Telecommuting has become the new norm during the pandemic for many organizations and adoption of hybrid working is expected to continue post-pandemic.
The risk is in the way people work outside their work environment use notebooks and connect to WiFi networks that are often unsecured when away from the office.
According to Kaspersky's study of people who use open wireless network, only 8% claim to connect via virtual private network (VPN) was evidenced that 44% of respondents work in places with corporate security policy on the use of smartphones and tablets, while 35% are in companies without any rules in this regard and 21% do not know if there is any guidance implemented by the company.
Thus, cybercriminals began to observe loopholes to apply new scams, using, mainly, individuals with little experience online as victims.
Brazil is the 5th biggest target of cyber crimes:
cyber crimes
Cybercrime is a criminal activity that targets or makes use of a computer, a network of computers, or a networked device.
According to recent studies, there is an increase of 265% in crimes committed in the virtual environment in 2020.
A large part of cyber crimes is aimed at obtaining money or causing some kind of harm to people or organizations. An example of cybercrime often used in home office times is Phishing.
Phishing
It consists of a social engineering technique used to trick users into illegally obtaining confidential information, or after the user clicks on a link available on email, the malicious program starts working on the machine collecting information.
O malware it can also be in the download attachments.
Types of cyber crime
- fraud by email and over the Internet.
- Identity fraud, when personal information is stolen and used.
- Theft of financial or payment-related card data.
- Theft and sale of corporate data.
- Cyber extortion, which requires money to stop the threatened attack.
- Ransomware attacks, a type of cyber extortion.
- Cryptojacking, when hackers exploit cryptocurrencies using resources they don't have.
- Cyber espionage, when hackers access government or company data.
Computational Forensic Expertise
Forensic expertise is associated with crimes that are committed through computer devices, used to commit a crime or as a means of storing them. Forensic expertise finds and catalogs evidence through tools that decrypt information, retrieve information (if deleted), track the crime's origin route, among other resources used to investigate and unravel cyber crimes.
Importance of proper treatment
When dealing with a cyber crime, the technological factor can completely influence the definition of what is the local scope of the crime.
It is important to properly handle the evidence collection, preservation of integrity in order to ensure that the evidence will not change for the presentation of the conclusion report, which will have the evidence.
Conclusion
The concern of organizations in relation to information security and data privacy grows due to the unpreparedness of the infrastructure of home networks, combined with the lack of awareness of employees, providing an increase in vulnerabilities.
Cybercriminals can spend considerable time scouring the system for vulnerabilities, and actually make the attack later.
There is a golden rule to protect yourself from fraud: always be suspicious, prevention is always the best option.
— Eliana Franscisco is GRC and Information Security Consultant at [SAFEWAY]
About Safeway:
THE SAFEWAY is an Information Security company, recognized by its customers for offering high added value solutions through projects in Information security that fully meet the needs of the business. In these years of experience, we have proudly accumulated several successful projects that have given us credibility and prominence among our clients, which largely constitute the 100 largest companies in Brazil.
Today through more than 23 strategic partnerships with global manufacturers and our SOC, SAFEWAY is considered a one stop shopping with the best technology solutions, processes and people.
Let's make the world a safer place to live and do business!
