Advice on home-working vulnerabilities
Declan Doyle, an ethical hacker from the Scottish Business Resilience Centre is urging home-workers to be extra cautious when using video-conferencing software.
Along with team of ethical hackers, Declan recently delivered a webinar to help businesses avoid damaging pitfalls resulting from the unique working environment created by the COVID-19 response.
They ran through the latest scams, attacks and best-practices on a dedicated webinar titled “The Do's and Dont's of Video Conferencing”, with the top advice including:
Here's what he had to say.
“Video conferencing software has boomed since the start of the pandemic response, so it is little surprise it is coming under increased scrutiny now – and rightly so. No software is perfect – and despite the scare-stories most can be used safely with a little know-how and some common-sense.
“Zoom and Houseparty in particular have come in for criticism. Thankfully that has meant they are focusing intently on improving security and making adaptations. They know that their reputations will be defined by this. That said, it still pays to know the pros and cons of the various software out there.”
"Over the last few weeks, a range of stories have highlighted alleged weaknesses in video conferencing software, with evidence also emerging of criminals “bombing” into conversations to listen in to confidential conversations.
"Some platforms have also been criticised for a lack of “end-to-end encryption” - which if in place would prevent a third-party being able to “decrypt” or understand conversations while others have been challenged for passing on data to advertisers.
“One of the key things we would recommend is that users of video conferencing look closely at settings. For instance, Zoom – which has emerged as the leading brand - can enable users to require passwords to join from a link – as well as approving who enters and leaves a call.
“Generally speaking, the biggest risks don't stem directly from video conferencing software and their vulnerabilities, rather user carelessness.
“It is vital that businesses get video conferencing right. However, there are a myriad of potential ways an unscrupulous individual would look to exploit the current situation. We shouldn't ever be despondent however, as there is a huge amount we can all do to protect our systems and our businesses.
“Firstly, we must be more vigilant and cynical than ever before. Be aware that there are more email scams out there casting a net and looking for people to fall for them. If we're working from home we must also make sure that we are keeping our devices updated. New software updates are how we keep ahead of most vulnerabilities.”
To watch previous webinars, please visit: https://www.sbrcentre.co.uk/news/
The SBRC is a non-profit organisation which exists to support and help protect Scottish Businesses.
To ensure Scotland remains a safe place to live, work and do business, SBRC will be regularly sharing COVID-19 developments and advice from Scottish Government, its partners and members as they happen.
SBRC maintains a unique connection to Police Scotland, Scottish Fire and Rescue Service and Scottish Government, which gives the organisation exclusive access to the latest information to advise citizens and businesses how to interact safely.
Follow our Twitter for more Insights
Share this on