Special: Hackers may be watching while you work from home


Dubai - Experts have said that the threat of phishing and impersonation attacks have increased during extended periods of remote work.


Sandhya D'Mello

  • Follow us on
  • google-news
  • whatsapp
  • telegram

Published: Sun 18 Oct 2020, 12:29 AM

In the time of Covid-19, several families stay home to stay safe. Parents log into their work systems, as kids show up for class on their e-learning devices. With this new-normal set-up, industry experts are flagging another safety concern: Cyber safety.
Are you protected from hackers and online threats? A recent study of Internet activity in the region has found a whopping 751 per cent increase in 'unsafe clicks' when the Covid-19 outbreak started from January to March.
There was a 36 per cent rise in spam from February to March and a 22 per cent jump in malware, according to the Mimecast Threat Centre, which crunched the numbers from data collected from the Middle East and North Africa.

Experts have said that the threat of phishing and impersonation attacks have also increased during extended periods of remote work. In the second quarter of the year, Kaspersky's systems have detected more than 600,000 phishing attacks in the country. Phishing is an attempt to steal personal data-like passwords and credit card numbers.

Several organisations weren't prepared to have their entire workforce operating remotely, said Werno Gevers, cybersecurity specialist of Mimecast. So, when the world was forced to stay home a few months ago, business and IT leaders had to quickly implement strategies that allowed their staff to remain productive,

"With a remote workforce came increased cyber risk, which meant that organisations had to quickly implement solutions that could keep employees protected while working from home," Gevers said.

"Security vendors had to ensure they were adequately protecting their customers with solutions for a variety of cyber threats. It was also vital that IT and security systems should be an enabler of remote working and not an inhibitor."

Imagine confidential data now being transmitted beyond the confines of a company's perimeter-level security. This prompted organisations to look at how they can minimise cybersecurity gaps in a work-from-home setup.

Harish Chib, vice-president for Middle East and Africa at Sophos, said: "The cybersecurity of employees working from home or any another location has become critical. Maintaining the same level of enterprise security for customers during this 'new normal' is a top priority."
What you can do about it
With a distributed workforce and an abundance of scams doing the rounds, organisations need to take steps to adequately train employees on spotting these threats. Security awareness training has therefore become increasingly important.

Maher Jadallah, regional director for Middle East at Tenable, said: "There are some things that will help. For example, using two-factor authentication when accessing online services can protect accounts. Utilise end-point protection, such as anti-virus software, on devices that are being used to access corporate data.

"Scan devices and applications to ensure that the latest software version is being used to reduce the vulnerabilities attackers typically target."

Keeping systems updated could prevent cybercrimiunals from leveraging any flaws in the code, Jadallah added.

"If you're sent a message that doesn't look right, delete it. Don't click on links sent via SMS or in emails and don't open attachments from untrusted sources," the expert said.
As most residents stayed home amid Covid-19, the Dubai Police have seen a rise in cybercrime reports this year, an officer has said.

Capt Abdullah Al Shehi, deputy director of e-investigations at the Dubai Police, said the spike in e-crimes was also a result of awareness. "People are now doing the right thing by reporting such crimes. Cybercrimes do exist, but people often prefer not to report it," he said.

The Dubai Police launched its e-crime platform last year, allowing the public to file complaints in just a few steps.

"Before launching the platform, the number of e-crimes reported to the police was 1,694. But it increased to 14,132 reports after the launch," Capt Al Shehi said. About 9,390 of these reports were from men and 4,742 from women.

Residents could report any cybercrime through the website www.ecrime.ae or on the smart Dubai police app.

In Abu Dhabi, the judicial department announced last month that the number cases related to e-crimes had gone down to 430 this year from 1233 cases last year.
The work-from-home (WFH) culture that emerged from the Covid-19 pandemic has pushed several companies to enforce digital transformation.

Microsoft Corp on Friday said it would allow most of its employees to clock in up to half their weekly working hours remotely. Earlier in May, Twitter Inc became the first major tech company that allowed employees to work remotely indefinitely. Facebook Inc had also said it would its staff could work from home until July next year, while Google had extended its remote working period until June.

Pramod Kurian, COO of Dubai-based Pinnacle Smart Technologies, said: "Organisations have realised what is possible with WFH, and this model tends to continue despite challenges. WFH being must even increased productivity in certain industries and helped in lowering cost."

Most companies in the UAE never attempted this working model in the past. According to Hyther Nizam, president for MEA of Zoho Corporation, the major challenges faced by people working from home are collaboration and communication.

"Today, there is no dearth of networking and communication tools in the market. But such collaboration apps themselves do not collaborate. Ultimately, businesses are left with a bunch of tools that are more disruptive than conducive when used together," Nizam explained.

"Though WFH can get the work done, it cannot replace the live interactions that an in-office experience provides your employees. You miss out on the fun and casual conversations, which facilitate social engagement. Not to mention, in-person team meetings can help achieve quicker convergence during decision-making."


- Ensure devices and systems are fully protected

- Keep all devices, operating systems and software applications up to date.
- Enable web filtering

- Ensure that users can access only the content appropriate for 'work' to protect them from malicious websites.
- Create a secure connection back to the office: All the data transferred between the home user and the office network must be encrypted and protected in transit.

Of decision-makers report that their firms had experienced at least one cyberattack related to Covid-19 in the last 12 months
(Source: Forrester Consulting, Tenable)

- 751 per cent increase in unsafe clicks detected in Mena from January to March 2020
- 600,000 phishing attacks in the UAE in the 2nd quarter of 2020

More news from