Indians have been worst affected by identity thefts in the past 12 months, claims a new report by NortonLifeLock.
Norton Cyber Safety, the cyber security major surveyed more than 10,000 adults in 10 countries, including responses from 1,000 adults in India.
According to the report, more than 36 percent of Indian adults detected unauthorised access to their accounts or devices in the past 12 months. While 2 in 5 Indian users have experienced identity theft to date, over 27 million Indian adults experienced identity theft overall in the past 12 months, the report states.
500% Increase in Cyber Attacks During Work from Home
In the last year alone India has witnessed a 500% increase in cyber security incidents during the coronavirus pandemic.
The massive health crisis has pushed an entire workforce to work from home, with security solutions such as firewalls, DNS security and intrusion prevention proving ineffective.
“The COVID-19 pandemic and the transformational pressure it has created on work habits and work environments has increased attacks and multiplied the risk of cybercriminals breaching security defences. Remote users who are distracted and are accessing key services from their homes are mainly victims of such malicious attacks.”Murli Urs, Country Manager of Barracuda, a Data Protection and Cyber Security company told The Quint
How to Keep Your Data Safe While Working from Home?
Employees need to use company-mandated security measures and company-approved devices to access enterprise resources.
"More importantly, the popular adage, ‘never mix personal with professional’ applies here as well. Employees need to use their company-mandated devices only for professional purposes," Prasad T of Instasafe, a cloud-based service solution told The Quint.
Emphasising on emails being the major threat vector, Murli said, “A Barracuda research warns phishing campaigns are now using COVID-19 vaccination as a hook, as the research reveals the average number of vaccine-related spear-phishing attacks was up 26%. While the remote workforce is distracted, users must stay alerted and be skeptical of all vaccine-related emails and don’t click on links or open attachments in these emails, as they are typically malicious."
Common Mistakes That Should be Avoided
Considering that individuals working remotely might be distracted, they are prone to clicking on unprotected links or open attachments they may otherwise have avoided. This is where they should be extra cautious and refrain from accessing any such links.
Sharing his thoughts on this, Murali said, "Some remote users also tend to leave their passwords easily accessible by mistake. To avoid getting it into the wrong hands, they should use a password manager to keep track of login credentials and enable two-factor authentication for online accounts whenever possible."
“Many a time, users share the password of their home WiFi connection with multiple people or even keep them open for public access. Now is a good time to reset WiFi passwords and provide access only to trusted individuals. In fact, they should connect to the company-provided VPN if available.”Murli Urs, Country Manager of Barracuda
What Should You Do If Your Data is Hacked?
If you feel that your company device has been hacked and your data is at risk, the following steps are mandatory to ensure minimal loss, explains Prasad:
- Take snapshots of any suspicious activity on your device, and immediately contact your security team for guidance
- If you can, change your passwords and logins immediately
- If you can’t, log out of all cloud and app logins immediately and report the same to your IT team
- If there is clear evidence of data exfiltration, report the same to the team
From the companies’ perspective, IT teams need to get into war mode to handle remote breaches. Some of the steps they can take are:
- Suspension of all app logins
- Initiate remote device lockdown if the device is not under BYOD
- Analysis of data use to identify what data has been compromised
- Ensuring the employees get a fresh set of credentials to access enterprise resources
- Amending remote work guidelines to prevent similar hacks