A recent Threatpost poll percent of the companies transitioning to WFH experienced a spike in cyberattacks. The survey concluded that patching and updating are among the top challenges for employees when securing their remote footprint. found that 40 Even the world’s top technology companies are not immune. Microsoft warned Windows 10 users of “limited targeted attacks” that could infiltrate their operating systems using malware –– and worse, there's no patch to fix it. “Attackers are taking advantage of the current shift to remote work by promoting malware masquerading as VPN installers,” explains Vicarius co-founder Michael Assraf. The Types of Attacks Cyberattacks have surged in countries hardest hit by the virus, such as Italy. In late February 2020, Trickbot , primarily targeting Italian entities, according to Jim Walter of SentinelLabs. “This is dangerous as businesses make the transition to remote work and suggest best practices to employees, including the use of VPNs.” campaigns were tracked Some are referring to it as a ‘phishing epidemic,’ with more fake COVID-19-themed applications, advertisements and emails appearing each day. “We are now seeing that hackers view this pandemic as a great opportunity to ,” said a spokesperson for Check Point, an Israeli cybersecurity firm tracking the increase in attacks over recent weeks. “Just like Cyber Monday or Black Friday, our researchers have found several ‘coronavirus specials”. accelerate their business A lot of damage has already been done. According to experts since the beginning of January, the period where initial outbreaks were reported, there have been over 16,000 new coronavirus-related domain registrations. “A widespread -themed phishing campaign was recently identified targeting Italian organizations. These attacks were aimed at over 10% of all organizations in Italy, with the aim of exploiting concerns over the growing spike in confirmed cases.” targeted corona Another epicenter is Spain, where cybercriminals are using a banking Trojan coronavirus, called Ginp, to play on people’s fears. The Kaspersky Security Network notes that “as people all around the world started working from home and practicing social distancing, the latter in some cases may evolve into paranoia.” related to the Ginp opens a web-page called Coronavirus Finder and cons people into giving their credit card information in exchange for information about COVID-19 victims in their area. “Oh, what a relief for some people would it be to know whom to avoid!” “The technical challenges of working at home are enormous, and now I’m worried about hackers, too,” lamented one remote employee. “If it wasn’t for that, working from home would be way less stressful.” Reducing Exposure to Cyber Attacks The Internet can be a hostile environment. The threat of attack is ever-present as new vulnerabilities are released and commodity tools are produced to exploit them. Doing nothing is no longer an option. Protect your organization and your reputation by establishing some basic cyber defenses to ensure that your name is not added to the growing list of victims. “Attackers are taking advantage of the current shift to remote work by promoting malware masquerading as VPN installers,” say experts in Cybereason in a statement to the media. There are effective and affordable ways that organizations can reduce their exposure to cyber-attacks like using firewalls and internet gateways. Companies can establish network perimeter defenses, particularly web proxy, web filtering, content checking, and firewall policies to detect and block executable downloads, block access to known malicious domains and prevent users’ computers from communicating directly with the Internet.  Because of the scattered nature of the WFH workforce, and the fact that the organization no longer has a perimeter - some of those techniques are not effective anymore. : Most of the COVID attacks exploited existing software vulnerabilities. Having the ability to find and mitigate software threats on your WFH workforce is mandatory. Software threat tracking and patching : It is important to establish and maintain malware defenses to respond appropriately to an attack code that is known. Malware Protection : Make sure that an appropriate password policy is in place and it is followed. You will also need to include limits on normal users’ execution permissions and enforce the principle of least privilege. Password Policy If you feel that your organization could be attacked by technically advanced hackers, additional controls like security monitoring - to identify any unexpected or suspicious activity user training education and awareness. Also, it is a good idea to reach out to cybersecurity experts to help your organization deal with the threats. To deal with the escalation, some cybersecurity firms like Vicarius are offering their free assistance.  “The solutions to solve such problems are there in the market. You just have to find a company that can help you solve the problem for you,” says  Michael Assraf, the co-founder of . Vicarius

Check Point

Microsoft

The Growing Cyber Risks of a Work From Home Workforce

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

AI in Real Estate: Helping Agents Drive Sales

3 Cybersecurity Priorities for 2021: Threat Fatigue; Remote Work; Budget

2gether compensates for its crypto cyber-attack losses

3 Simple Upgrades to Improve SMB Cybersecurity

3 Steps Retailers Should Take to Prevent Holiday Data Breaches

3 Tips To Prevent Mobile Banking Trojans

AI in Real Estate: Helping Agents Drive Sales

3 Cybersecurity Priorities for 2021: Threat Fatigue; Remote Work; Budget

2gether compensates for its crypto cyber-attack losses

3 Simple Upgrades to Improve SMB Cybersecurity

3 Steps Retailers Should Take to Prevent Holiday Data Breaches

3 Tips To Prevent Mobile Banking Trojans

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps