With more organizations adapting to working from home due to Coronavirus or COVID-19, there is a tremendous surge in online activities from home devices…and increased remote working security risks. Organizations need to focus on securing their remote workforce from such vulnerabilities.
With “Stay At Home” orders or their equivalents impacting huge worldwide populations, organizations have adapted by asking their staff to work from home or telecommute and are embracing conference calling, video conferencing for e-meetings, etc. like never before. Families and friends are remaining socially active by leveraging these technologies as well. But with these new channels of communication, as well as our global fixation on COVID-19, come malicious actors who are working to come up with more sophisticated hacking tools and techniques. Organizations must secure their remote workforce to prevent them from falling prey to “work from home” security risks. A big part of that strategy involves security, but in a recent survey, 90% of IT professionals believed that remote work environments are not secure.
Remote Working Security Risks You Should Be Aware Of
As reported by Helical last week, on April 1st the Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) released an alert that it had received and reviewed more than 1,200 complaints related to COVID-19 scams. The claims relate to phishing campaigns against first responders, DDoS attacks against government agencies, ransomware at medical facilities, and fake COVID-19 websites that quietly download malware to victim devices. Based on recent trends, the FBI assesses these same groups will target businesses and individuals working from home via telework software vulnerabilities, education technology platforms, and new Business Email Compromise schemes. Let’s review some work from home security risks, as well as mitigation actions to take against them.
- Ransomware: Cybercriminals have been endeavoring to use COVID-19 related documents to gain access to computers and lock down files for a ransom. They have increased their targeting of healthcare and education sectors.
- Phishing: These criminals push through customized phishing emails and attachments that people unknowingly click or open, thereby allowing the hackers access to the confidential data.
- DNS Hijacking: There has been a surge in fake live COVID-19 maps and tailored monitoring apps, and in DNS hijackers that change critical records.
- Malicious Mobile Apps: Like DNS hijacking, there has been a surge in malicious apps appearing to provide real-time vital info about COVID-19 but in fact steal data from Android and other devices.
- Business Email Compromise (BEC): This scam targets individuals and businesses who have the ability to send wire transfers, checks, and automated clearing house (ACH) transfers.
- Exploiting VPN Security: Although Virtual Private Networks improve remote working security, most people are not aware of basic security features around VPNs. Helical has covered prior government security alerts around VPNs and state-sponsored hacking of VPNs.
How Hackers Are Evolving Tactics To Attack Work From Home Vulnerabilities
Cybercriminal tactics are always evolving and have recently been tuning into the new increase in active professional and personal online collaboration, such as video conferencing. There are some other common techniques being used such as:
- COVID-19 Situation Report Email
The message looks genuine and heartfelt. It begins by stating that the user had come into contact with an acquaintance (addresses users by name to make the message look genuine). The message goes on to ask the user to print a pre-filled form (sent via an attachment) and proceed to the nearest COVID-19 clinic.
Once the document is opened, the sensitive data gets encrypted by ransomware forcing the user to pay a ransom to have access to their data.
The best solution to such an email is to ignore it and drag it to the recycle bin.
- Notification Emails
Users’ inboxes often get flooded with notification emails. These are phishing attempts that download second-stage malware onto your laptop or computer. These programs can perform malicious actions like stealing web browser cookies and cryptocurrency wallets and enumerating system information.
Users should install VPN security solutions to mitigate such remote working security risks. Remote workforce users should enable VPN server logs or SaaS logs. Single-sign-on (SSO) and Two Factor Authentication (2FA/MFA) logs can also help limit unauthorized access.
- Request For Payment Outside Normal Course Due To COVID-19
A trademark of a BEC wire fraud is the hacker compromising the email of someone a company normally does business with and requesting funds to be sent to a different account. During this pandemic, BEC fraudsters tweaked this by leveraging the COVID-19 chaos and requesting payment outside the normal course of business due to assorted disruptions.
- Spurious email links
Hackers take advantage of such situations by pushing malicious links through phishing emails. Such emails come with a link that could lead to fake websites such as a spurious bank or Government department website. Clicking on such links can end up with the user compromising his/her confidential data.
The solution is to let the mouse cursor hover over the link. It will reveal the exact web address. If the web address appears suspicious, it is advisable to ignore the email and delete it.
What Steps Can Organizations Take To Secure The Remote Workforce
Here are some steps that can help organizations provide a secure remote work environment to their employees and protect their information assets from cyber adversaries:
- Monitor Your Remote Workers: Cloud-based tools and solutions, such as Helical’s Endpoint IT Security Policy Validator, can ensure seamless and unobtrusive monitoring of your remote workers without violating their privacy. Continuous monitoring ensures remote office environments are kept secure.
- Install Updates and Security Patches: Ensure that employees who are working remotely have the latest antivirus software and operating systems installed on their systems, and that patches are applied as soon as they are released. This includes regularly updating web browsers, browser plugins and document readers.
- Encrypt Your Mobile Devices: End-to-end encryption of communication can help to prevent the hackers from infiltrating your mobile devices such as laptops, smartphones, etc.
- Train Your Employees: Provide training and create awareness among your employees about malicious cyber activities like phishing, ransomware, social engineering attacks, Business Email Compromise and other Work From Home security risks.
With the rapid shifts in how we all work, organizations and remote workers need to be aware of remote working security risks. For example, building awareness will minimize the risk of remote workers uploading files to unsecured systems or using unsafe communication systems. Users should also be aware of security measures like employing robust passwords and changing them regularly, manually typing in website addresses (versus clicking through), and reporting suspicious activity to their organization.