Covid-19 Virus Impacts Home Working

Uploaded on 2020-03-23 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

As the global Coronavirus epidemic hits economies worldwide many employees are working from home, forcing organisations to allow mass remote connections to internal work networks and resources. This  is increasing cyber-criminal behaviour, which is now focusing on the effects of the virus and working from home on less secure networks. 

The C-19 virus is being increasingly used as a subject to engage readers and then used for phishing emails and deliver a range of other attack vectors.

Global Computer Emergency Response Teams (CERTs) have doubled down on their warnings for the public to be wary of scams and cyber-attacks referencing the coronavirus pandemic.Attackers ranging from cyber criminals to suspected spies have cynically used alarm about the global health emergency as bait for phishing or malware-based attacks.

The UK’s National Cyber Security Centre (NCSC) put out a similar warning that elaborates on the range of attacks being carried out by cyber criminals seeking to exploit Covid-19. “These attacks are versatile and can be conducted through various media, adapted to different sectors and monetised via multiple means, including ransomware, credential theft, bitcoin or fraud,” according to the NCSC.

The rationale behind the increase in these attacks is simple. Mass working over remote connection equals mass remote login activity, mostly over private insecure machines with user accounts that have never done so before, making remote login credentials an easy target for attackers.

A study by Cynet has found a correlation between rising cases of COVID-19 in Italy and increasing cyber-attacks on remote workers.

Cynet analysed its aggregate company data in Italy and found that companies with higher proportions of employees working remotely due to COVID-19 cases saw a rise in phishing attacks, compared to countries with fewer attacks.These phishing attacks include those targeting remote user credentials, as well as weaponised email attacks. 

  • 35% of personal email systems encountered attacks involving exploitation of or redirection to malicious websites,
  • 32% were affected by malicious macros,
  •  21% by more simplistic means involving malicious links embedded in the email body.
  • Malicious remote login attempts have also been found to increase in a similar fashion to phishing attacks among Cynet customers.

Malware and email viruses that use Coronavirus-themed messages are aimed at tricking people into fake information and get them to give security data has now spread to over a dozen countries, according to security firm Proofpoint. The company also reported that attackers are beginning to register URLs and create fake websites relating to Coronavirus in order to carry out malicious activity.

The advice from the NCSC is that organisations should prepare for increased remote working and ensure staff are vigilant with work devices that may contain sensitive data. It warns that employees are more likely to have their devices stolen or lost when they are away from the office or home, so efforts must be made to ensure data is encrypted while in a resting state.

Means of Protection
In regards to how cyber-attacks were prevented from infiltrating company systems, over 40% were nullified by behavioural analysis, while almost 30% were stopped by static analysis on the part of machine learning,

Memory monitoring, meanwhile, did the trick for nearly 20%, and slightly over 10% by identification and blocking attacks using the user’s signature. “The fact that only 10% of the malware attacks were identified by their signature indicates that the attackers behind these campaigns are using advanced attacking tools to take advantage of the employees working in non-secure home computing environments,” said Eyal Gruner, CEO and co-founder of Cynet. “Our recommendation is for those employees to request enhanced offsite security and support to protect malicious access to sensitive IT systems and data.”

Cynet's blog post that the findings serve as a warning for CISOs worldwide in regards to possible vulnerabilities as a result of the COVID-19 pandemic. 

CyNet:     Information-Age:      Independent:   Portswigger:     Evening Express

You Might Also Read:

Cyber Crime Methods Are Evolving:

 

 

 

« Remote Working Is On Suddenly On Trend
How Effective Is Your Threat Intelligence? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security is a leading manufacturer of network security appliances for use in industrial environments.

Foregenix

Foregenix

Foregenix are global specialists in Digital Forensics and information security including Penetration testing and Website Security.

Mi-Token

Mi-Token

Mi-Token is an advanced two-factor authentication solution that offers unparalleled security, flexibility, cost-effectiveness and ease of use.

Owl Cyber Defense

Owl Cyber Defense

Owl patented DualDiode Technology enables hardware-enforced network segmentation and deterministic, one-way transfer of all data types and file sizes.

Sensible Vision

Sensible Vision

SensibleVision helps organizations transparently protect data and prevent costly security breaches by constantly verifying the identities of people who use computers or mobile devices.

Codified Security

Codified Security

Codified is a testing platform for mobile application software. We make it easier than ever for companies to detect and fix security vulnerabilities and ensure their applications are compliant.

Omada

Omada

Omada is a leading provider of IT security solutions and services for identity management and access governance.

ComCERT

ComCERT

ComCERT SA is an independent, private consulting company focusing in the assistance of its customers facing the dangers of cyber threats and security incidents.

ICS Cyber Security Conference

ICS Cyber Security Conference

SecurityWeek’s Industrial Control Systems (ICS) Cyber Security Conference is the largest and longest-running event series focused on industrial cybersecurity.

Elpha Secure

Elpha Secure

Elpha Secure provides a comprehensive cybersecurity solution, combining technology and insurance to protect against cyber threats.

Cyber Polygon

Cyber Polygon

Cyber Polygon is an annual online exercise which connects various global organisations to train their competencies and exchange best practices.

Hudson Cybertec

Hudson Cybertec

Hudson Cybertec are an internationally recognized Subject Matter Expert for cyber security in the Industrial Automation & Control Systems (IACS) domain.

LeadingIT

LeadingIT

Leading IT provides IT support, cloud computing, email support, cybersecurity, networking and firewall services to Chicagoland businesses.

Telefonica Global Solutions (TGS)

Telefonica Global Solutions (TGS)

Telefonica Global Solutions is the technological partner of wholesalers and enterprises, helping them to achieve the digitalization they need.

Bright Security

Bright Security

Bright Security is a developer-centric Dynamic Application Security Testing (DAST) solution that helps organizations ship secure applications and APIs quickly and cost-effectively.

Convergint

Convergint

Convergint is a service-based systems integrator working alongside a global network of partners and manufacturers to deliver a range of solutions including cybersecurity.