With kids home from school, many people working from home and many essential services beginning to function remotely, the world is moving more online than it ever was before.
With that move come more vulnerabilities. Just last week, the Milwaukee Elections Commission fell victim to a practice known as “Zoombombing,” which involves people logging into a public meeting on the videoconferencing software and causing a disruption. For the MEC, that meant racial slurs and pornography.
But a zoombombing is only a temporary disruption, according to Brian Dennis, director of the University of Wisconsin-Whitewater’s Cybersecurity Center for Small Business. He compared zoombombing of a government meeting to protesters barging in and disrupting a city council meeting.
Dennis said the real concern is what’s under the hood — especially for government entities or businesses with large amounts of private data.
“When I think about elections offices, city clerks offices, carrying massive amounts of data, I would not feel extremely comfortable running a product like Zoom knowing they have cybersecurity issues,” Dennis said.
“These are front-facing issues, what’s actually going on behind the scenes we’re not even aware of,” he added. “I can’t say that Zoom is safer than any program that’s out there. As a political office, I would be a little leery of running a program that would leave me vulnerable. The trick is finding one that’s safe and secure.”
Dennis said he’s been dealing with an explosion of all forms of cybercrime.
“What we’re seeing is an increase in all forms of cyberattacks,” Dennis says. “The landscape of cybersecurity has changed. There are more people connecting on unsafe devices, unsafe networks, shared computing, new opportunities for criminals to capitalize on. There’s also a whole new set of fears, people being afraid and criminals tapping into that fear to develop their scams.”
He said businesses are fearful of employees moving onto their home networks that might not be as secure as the normal office network. There are also more people using the same computer for their work and personal lives — exposing more data to attacks.
“What we’re suggesting if you’re working from home is try as hard as you can to use a computer that’s only for work,” Dennis says. “The amount of data people have access to has just doubled and it’s more valuable.”
Aside from the security issues, there are more online scams than ever, according to Dennis. There have even been people pretending to be IT professionals on the phone to gain access to personal info and scammers taking advantage of the recently passed CARES Act.
“We are seeing a huge increase in phishing scams,” Dennis says. “Specifically scams dedicated towards the CARES act. I just recently got an email about needing to click this link to finish submitting my SBA disaster loan request. A lot of people are scared right now and they’re clicking anything they see if they think it can help. The U.S. government is not going to ask you to send them your bank account and routing info.”
But, according to Dennis, there are ways people can protect themselves. Changing passwords and updating computers are both important steps for individuals. Businesses and government offices, Dennis says, should be in contact with the experts around the state to figure out the best way to protect their data.
“It’s important for our local offices to reach out to their community of cybersecurity experts,” Dennis says. “There’s folks all over the state who are expert level in cyber. They should reach out to their cities and ask what they’re doing.”