ZIUR proposes 8 recommendations for a cybersecure summer
The Gipuzkoa Industrial Cybersecurity Center warns of the importance of adopting and intensifying protection measures
Holidays and the increase in remote access to corporate systems of companies can be a security breach that cybercriminals take advantage of to sneak into computer systems. Attempts to attack corporate computer networks are continuing. For this reason, ZIUR works to make all organizations aware of the need to implement technical and organizational cybersecurity measures.
ZIUR is an initiative of the Gipuzkoa Provincial Council created within the framework of the 'EtorkizunaEraikiz' strategy to preserve cybersecurity in the industrial field. ZIUR continuously analyzes the evolution of the attacks that are launched indiscriminately against the industrial fabric of Gipuzkoa through its cybersecurity observatory. The investigations carried out to date do not reflect that there are selective attacks directed at the main industries in the territory, but there are massive attacks against all types of companies.
For this reason, ZIUR plans to adopt a series of precautions, especially at times of greater remote access to computer systems, such as summer vacations. In this context, the Gipuzkoa Industrial Cybersecurity Center proposes following 8 recommendations for a cybersecure summer:
Beware of open Wi-Fi
Try to avoid Internet connections through Wi-Fi in public places such as hotels, airports, restaurants, etc. Even if they have a password to connect, it probably hasn't been changed in years or is very weak and easy to get. These networks are used by attackers to "sneak" into devices and, from there, obtain information to extort money from a person or an organization.
Accommodation reservations outside official channels
When making a reservation for an accommodation or summer activity, it is important to check the source of said reservation. Do not make reservations outside the official reservation channels and portals, which often offer cheaper prices for the same services. On many occasions they are false services that use photos of legitimate reservation centers and behind that reservation there is neither accommodation nor service, but an economic scam.
Phishing
Summer and the reservation of different activities associated with vacation leisure are always a great hook that attackers take advantage of to send malicious emails posing as hotels, lodgings, restaurants, etc. It is advisable to always check the origin of these communications and pay special attention to links and files attached to these emails.
Open professional mail on personal mobile
Using the personal mobile for professional purposes during the summer is an added risk. Normally, users relax on vacation when taking the necessary precautions and attackers take advantage of these circumstances to sneak into corporate systems.
Social networks
Sharing vacation plans on social networks is very common. Well, many times this habit offers too much information that attackers can take advantage of to more easily access their targets.
Device loss
Holidays are always a period where many devices are lost, especially mobiles. If these mobiles have critical or personal information, it is a risk since it is not known in whose hands they may end up. For these cases, it is advisable to have an MDM (Mobile Device Management) solution that allows you to quickly delete said content or that the information is encrypted so that no one can access it.
Keep systems up to date
In summer it is still vitally important to maintain a device and system update policy. The attackers are aware that the technology departments of companies have fewer staff and, in the event that a critical vulnerability arises, they do not miss the opportunity.
User training
Cybersecurity training for users is of vital importance and, as part of the training content, these aspects must be included so that everyone knows how to deal with vacations and enjoy themselves, without compromising personal or company cybersecurity.