COVID-19. Cybernetic security-20 under the context work from home

Work from home has become the most used principle in most of the organizations, given the coronavirus pandemic declared by the OMS, and also taking into consideration the public statements made by some officials. Even though this wide-spread measure has been established as an optimal solution to ensure the continuity of business during the given situation, this new way of handling the daily activity can generate some negative side effects when it comes to the business progress. The main concern regarding the security domain comes right after Romania has entered in the third scenario.

Cyber crime placed at alarming levels

As the virus has exceeded the borders of China and it has spread in the entire world, obviously, the need to access information towards this subject has developed, which is giving the perfect opportunity to strike for the cyber attackers.

According to Check Point, one of the world leaders in the cyber security branch, since the beginning of January 2020, internationally, there have been 4.000 new domains on the internet linked to the coronavirus. These are being used in the spam and phishing activities, which are developed by the cyber attackers, not to mention that in Italy, 10% of their organizations have already been struck within the last few weeks.

At the same time, the Interpol has issued a notice to all of the police forces in the world regarding the new cases of fraud, which appeared under the crisis conditions created by the Covid-19. There have been reported at least 30 cases of racketeering in Asia and Europe, crimes that led to blocking 18 bank accounts and to the freezing of over 730.000 dollars involved in presumed to be fraudulent transactions.

Besides the spam and phishing activities, the Romanian criminal law incriminates the following doings, which are linked to the security of computer system and data:

-the illegal access to a computer system

– the illegal of a computer data transmission

–  disruption of the functioning of the computer systems

– illegal operations using devices or computer programs

– unauthorized transfer of computer data

Accessing data and resources of the organizations in a safe manner

Given the extremely fast development of the events, several organizations had no choice than to adjust to the work from home principle. The necessity of adopting this solution right away, leaving aside those whose businesses are linked to the cyber world, will force companies to face several syncopes which will affect their daily activity.

Until they will be able to acquire perfectly adaptable softwares for the work from home programme, the organizations have to manage not only the current infrastructure, but its security as well, considering the fact that the cyber attackers will take advantage of the inevitable communications deficiencies.

However, the responsibility of managing online threats comes to the employers and to the employees as well.

Downloading the documents owned by the company on personal units may represent a potential risk and it can develop into a bigger one as long as the information becomes more sensitive. If the units are personal, it is recommended to secure them with adequate softwares.

Opening phishing emails, received from apparently official organizations can represent another  potential risk. OMS has warned through their own official website, , that there are already several cyber security breaches.

Using the equipment owned by the company for purposes which are not linked to the business represents the biggest peril a company can face during these challenging times. Orders placed online, accessing unverified links or redirecting business emails to personal accounts are just a few examples of high risk activities.

To conclude on a short note, organizations should treat this new way of working in a serious manner and they should pay more attention on how it is handled because all of the activities regarding the work from home principle can unequivocally determine new investigations under DIICOT’s jurisdiction.