Hacking activity is up, with cybercriminals taking advantage of remote work vulnerabilities amid the COVID-19 crisis. There are approximately 85 million Americans working from home. In fact, researchers cite that activity against corporations in the United States more than doubled by some measures in March, with malware infections, phishing tactics and ransomware running rampant. That’s because it’s harder to protect data when managed on home computers that use widely varying setups and on company machines connecting remotely.
VPNs Are Vulnerable to Hackers
Officials and researchers say that even remote workers using virtual private networks (VPNs), which establish secure tunnels for digital traffic, are adding to the problem. It’s easier to hack a remote user than it is an individual working in a corporate environment, as VPNs are not bulletproof, said one cybersecurity expert.
The U.S. Department of Homeland Security’s (DHS) cybersecurity agency reaffirmed that VPNs bring with them a host of new problems, according to an article in Reuters. “As organizations use VPNs for telework, more vulnerabilities are being found and targeted by malicious cyber actors,” wrote DHS’ Cybersecurity and Infrastructure Security Agency. It’s more difficult to keep VPNs updated with security fixes as they are used at all hours instead of sticking to a schedule that enables routine installations during daily boot-ups or shutdowns.
An Uptick in Phishing Scams
One specific area of concern involves an increase in phishing scams related to COVID-19. The FBI released a statement saying that scammers, in some cases, pretended to be from the U.S. Centers for Disease Control and Prevention (CDC). Cyber thieves also pose as fake charities seeking to help people suffering during the pandemic, vendors, and individuals offering quick access to coronavirus economic stimulus checks. The emails contain links that infect computers with malware that hackers use to steal personal information, or lock computers and demand ransom payments in exchange for unlocking the computers. Palo Alto Networks estimates that in the past few weeks more than 100,000 domains have been registered containing terms like “covid,” “virus”, and “corona”. “Not all of these will be malicious, but all of them should be treated as suspect,” said Palo Alto Networks.
Cyber Best Practices Should Include Remote Work
Following are several steps businesses should be taking to help mitigate cyber threats for remote workers:
- Make sure remote employees who are unaccustomed to working from home know how to navigate the challenges involved.
- Train staff on how to identify and avoid risks such as not clicking on links or opening attachments found in suspicious-looking emails or messages relating to the COVID-19 outbreak.
- Don’t provide personal information like Social Security numbers and financial information during robocalls or in emails.
- Verify web addresses of legitimate websites.
- Don’t forward suspicious emails to co-workers.
- Report suspicious emails immediately to theIT or security department.
- Install corporate-approved anti-phishing filters on browsers and emails.
- If employees are using personal electronic devices for work, they should employ the same rigorous security measures as they do on company-owned devices. This means the devices should be equipped with up-to-date security and anti-virus software, together with the necessary privacy and encryption tools.
- Strengthen the company’s remote access management policy and procedures. Implement multifactor authentication for VPN access, IP address whitelisting, limits on remote desktop protocol (RDP) access and added scrutiny of remote network connections.
- Carefully consider the applications the organization uses for telework applications, including video conferencing software and voice over Internet Protocol (VOIP) conference call systems. Restrict access to remote meetings and conference calls.
- Beware of advertisements or emails purporting to be from telework software vendors.
- Strengthen financial and treasury controls to require callbacks or confirmations of emailed payment and change requests.
- Restrict access rights of people connecting to the corporate network.
- Keep systems updated with the latest patches and create backups.
This is no time to compromise security when transitioning to work-at-home. Review all cybersecurity best practices and update the policies accordingly.
Sources: Reuters, PwC, FBI