Leading stock exchange BSE has cautioned market intermediaries against malicious cyber attacks amid increased usage of mobile phones and tabs in the wake of lockdown to contain the COVID-19 pandemic.
Many organisations have switched to work-from-home, due to outbreak of the pandemic, with employees using mobile phones, tabs and personal laptops in order to maintain business continuity.
This has resulted in unprecedented increase in dependency on digital means by many folds and resulting in many operations that may possibly be under remote monitoring mode.
"Cyber criminals have started using this as an opportunity to target such users and computing devices used," the exchange noted.
Accordingly, BSE has cautioned market intermediaries against such threats and also issued an advisory with series of suggestions to keep personal mobile phones healthy and secure.
In a circular, the exchange has asked all market infrastructure institutions, markets intermediaries, mutual funds and other Sebi regulated entities to strictly adhere to ''cyber security guidelines'' issued by the capital markets regulator and follow best practices and recommendations and other advisories by cyber security agency CERT-In.
The suggestions have been issued for organisations as well as individuals.
"In case of an incident, report it to relevant authorities and keep the exchange informed accordingly," BSE said.
Advising ''work-from-home'' employees and related vendor staff, the exchange has asked them to preferably work from a private space, in case of working in public place use a privacy screen and tether using a trusted 3G/4G connection instead of an untrusted Wi-Fi hotspot.
Besides, it asked them to change default passwords on home Wi-Fi router to prevent hackers accessing home network
"All personal computation devices, including mobile phones, tabs, desktops and laptops should be protected with up-to-date antivirus and malware protection software with latest signatures" BSE said.
Majority of the cyber-attacks are primarily introduced via phishing emails, malicious messages through websites and social media and malicious apps. Hence, it has been advised not to click links and attachments which are suspicious.
BSE has asked the organizations to ensure that continuity of operations are up-to-date along with adequate measures to address cyber crises.
Besides, they have been asked to ensure remote access to the organization''s network strictly through secured connectivity like Virtual Private Network (VPN) using multi-factor authentication.
Further, they have to make sure that all systems are implemented with anti-malware and anti-intrusion prevention having latest updated signatures.
It has been noted that many unique files dubbed as Coronavirus spread related documents are circulating on the web which are filled with malevolent infections such as file-encrypting malware.
These attacks and malware indiscriminately target individuals and organizations across the world stealing financial data and other sensitive information.