Working from home might help flatting the curve, but it's not helping cybersecurity. Kaspersky statistics show a sharp spike in network attacks in South Africa between 15 and 21 March 2020 – with affected devices increasing in number from the 20 000 - 30 000 average to peak at approximately 310 000 over these few days. The peak coincides with a time in South Africa when remote working increased in response to national emergency containment measures in an effort to flatten the curve of spread of the Coronavirus (COVID-19) in the country.

Says Maher Yamout, senior security researcher for the Global Research and Analysis Team (GReAT) at Kaspersky: “The region is seeing an increase in attempts to break into the organisations systems to establish control over them, sabotage their work, or access sensitive information. Remote working provides cybercriminals a prime opportunity to target devices, especially those that don’t necessarily have adequate IT security measures in place. Such a spike recorded, although temporary, leads us to believe that cybercriminals have keenly been focused on the region given the current circumstances – have been on the lookout for vulnerable devices to exploit - and likely due to the rapid increase in remote working protocols that have been initiated during this timeframe, especially since the growth in attacks continued until the weekend.”

The attack types used varied, yet a third of them were attempting to penetrate the network with brute forcing of passwords - repetitive attempts at various password combinations. This technique is very common and often works well with weak or repetitively used passwords or poorly configured systems.

Kaspersky, along with other market commentators, have recently shared advice linked to working from home strategies and the important security elements to consider, as this practice becomes more standard for many businesses in light of the global pandemic.

Adds Yamout, “Observing the statistics of network attacks for the past two months, we’ve never seen the numbers going above 45,000 attacks a day, while the last week saw this number reaching over 300,000. In reviewing this spike, it certainly reinforces the need to institute critical security measures for remote working strategies, to ensure effective protection. However, with the spike dropping again, such advice is likely being onboarded and taken seriously, which is great to see, and we hope continues.”

Kaspersky graph showing sharp increase in network attacks between 15-21 March 2020 in South Africa

Kaspersky shares a recap of top tips employees can follow when working remotely:

• Make use of a VPN to connect securely to the corporate network
• Use multi-factor authentication wherever possible
• Ensure all corporate devices – including mobiles, laptops and tablets are protected with adequate security software
• Segregate your personal devices/life from corporate computers
• Ensure the latest available updates are installed regularly
• Only use corporate-approved teleconferencing software
• Practice basic cybersecurity rules:
  • Do not click on emails from strangers or unknown sources
  • Do not open attachments received from unknown senders
  • Make use of strong passwords only
  • Do not share passwords
  • Don’t connect to unprotected or public Wi-Fi