INICIO / BLOG / Ikusi recommends system monitoring and staff training for a cyber secure return to the office

Ikusi recommends system monitoring and staff training for a cyber secure return to the office

Experts in business networks and cybersecurity, Ikusi affirms that the return to work after the holidays is prime time for cyberattacks and estimates that around 25% of victims fall for these scams

Holidays and the summer season offer a break from the routine, but one of the most common consequences of returning to work after a period of absence is forgetting the passwords to the various accounts, the computer, etc. Cybercriminals are well aware of this and exploit this time of year to launch sophisticated phishing campaigns which involve sending emails in which they pretend to be legitimate companies or organisations in order to request personal information.

Ikusi, experts in business networks and cybersecurity, affirms that the return to work after the holidays is prime time for cyberattacks and estimates that around 25% of victims fall for these scams.

Javier Aguilera, general director of Ikusi in Spain, points out that “credential theft is the most commonly reported cyberattack during this period. Cybercriminals take advantage of users forgetting their passwords and launch organised mailing campaigns requesting that they update their passwords due to not having logged in for a while. This practice is also widespread in online banking, but in this case the attacks are also carried out through SMS.”

Once the cybercriminals have obtained the information, they do one of the following: attack the systems, demand a ransom for the information or sell it on the dark web.

Another type of cyber fraud is that of impersonating the CEO or a senior executive, mainly of medium-sized companies, in emails requesting people in their team to make payments to suppliers, which are fake. Aguilera says that “they copy the CEO’s signature, backed up by considerable social engineering.”

Tips for a cyber secure return to work

The cybersecurity risks accompanying the return to work and the fact that cyberattackers employ increasingly sophisticated tools mean that “the best tool for a secure return to work is prevention”, affirms Ikusi’s general director in Spain.

The first tip is to realise that “no programme or organisation will ever proactively ask a user for their credentials. It is always the user who asks to recover or change their password”, he says.

Secondly, Ikusi recommends training. Aguilera says that internal awareness is fundamental to security, since employees are the main entry points for these attacks. He therefore advises companies to carry out simulations and ethical hacking campaigns and to send fake emails to employees, which will allow them to identify the characteristics of these cyberattacks and to understand the consequences.

Thirdly, monitoring systems and elements that may be susceptible to attack is key to detecting a cyberattack. According to Aguilera, “to be able to take action quickly, you must realise that you have been the victim of an attack. All systems have a pattern, and when an cyberattack occurs these patterns are broken. Therefore, provided that we have appropriate monitoring in place, we can detect these attacks.”

A fourth tip is to carry out regular maintenance, keeping all software up to date and protecting all devices. For this, a security analysis and regular penetration tests need to be performed to identify vulnerabilities and weaknesses in the infrastructures.

And, finally, he suggests working with an expert cybersecurity company, since they will have the appropriate professionals and tools to help organisations.

SUSCRÍBETE A NUESTRO BOLETÍN

Mantente al día de nuestras últimas noticias y productos.