News

Homeworking firms issued cyber advice to avoid criminals exploiting coronavirus

The move comes as more companies adopt working from home practices in response to latest Government advice.
The move comes as more companies adopt working from home practices in response to latest Government advice. The move comes as more companies adopt working from home practices in response to latest Government advice.

The UK’s cyber security agency has issued guidance to companies on how to keep data safe as criminals seek to exploit coronavirus fears.

It comes as more workers resort to working from home, in response to the latest recommendations from the Government aimed at slowing the spread of Covid-19.

The advice from the National Cyber Security Centre (NCSC) – which is a part of GCHQ – details steps on how organisations should prepare for increased remote working and ensure staff are vigilant with work devices that may contain sensitive data.

It warns that employees are more likely to have their devices stolen or lost when they are away from the office or home, so efforts must be made to ensure data is encrypted while in a resting state.

National Cyber Security Centre headquarters
National Cyber Security Centre headquarters National Cyber Security Centre headquarters in Victoria, London (Kirsty O’Connor/PA)

“Whether using their own device or the organisation’s, ensure staff understand the risks of leaving them unattended, especially in public places,” the guidance reads.

“When the device is not being used, encourage staff to keep it somewhere safe.”

NCSC also reminded people to be aware of email scams linked to the coronavirus, which may claim to have a “cure” for the virus, offer a financial reward, or encourage donations.

“Like many phishing scams, these emails are preying on real-world concerns to try and trick people into doing the wrong thing,” the guide goes on.

The NCSC awareness drive follows a warning from the World Health Organisation that fake emails had been sent by criminals posing as the WHO in February.

These criminals were trying to steal money and sensitive information, the WHO said.

In recent months cyber criminals have also impersonated the US Centres for Disease Control and Prevention, creating domain names similar to the official web address to request passwords and even bitcoin donations to fund a fake vaccine.