Covid-19 Virus Impacts Home Working

Uploaded on 2020-03-23 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

As the global Coronavirus epidemic hits economies worldwide many employees are working from home, forcing organisations to allow mass remote connections to internal work networks and resources. This  is increasing cyber-criminal behaviour, which is now focusing on the effects of the virus and working from home on less secure networks. 

The C-19 virus is being increasingly used as a subject to engage readers and then used for phishing emails and deliver a range of other attack vectors.

Global Computer Emergency Response Teams (CERTs) have doubled down on their warnings for the public to be wary of scams and cyber-attacks referencing the coronavirus pandemic.Attackers ranging from cyber criminals to suspected spies have cynically used alarm about the global health emergency as bait for phishing or malware-based attacks.

The UK’s National Cyber Security Centre (NCSC) put out a similar warning that elaborates on the range of attacks being carried out by cyber criminals seeking to exploit Covid-19. “These attacks are versatile and can be conducted through various media, adapted to different sectors and monetised via multiple means, including ransomware, credential theft, bitcoin or fraud,” according to the NCSC.

The rationale behind the increase in these attacks is simple. Mass working over remote connection equals mass remote login activity, mostly over private insecure machines with user accounts that have never done so before, making remote login credentials an easy target for attackers.

A study by Cynet has found a correlation between rising cases of COVID-19 in Italy and increasing cyber-attacks on remote workers.

Cynet analysed its aggregate company data in Italy and found that companies with higher proportions of employees working remotely due to COVID-19 cases saw a rise in phishing attacks, compared to countries with fewer attacks.These phishing attacks include those targeting remote user credentials, as well as weaponised email attacks. 

  • 35% of personal email systems encountered attacks involving exploitation of or redirection to malicious websites,
  • 32% were affected by malicious macros,
  •  21% by more simplistic means involving malicious links embedded in the email body.
  • Malicious remote login attempts have also been found to increase in a similar fashion to phishing attacks among Cynet customers.

Malware and email viruses that use Coronavirus-themed messages are aimed at tricking people into fake information and get them to give security data has now spread to over a dozen countries, according to security firm Proofpoint. The company also reported that attackers are beginning to register URLs and create fake websites relating to Coronavirus in order to carry out malicious activity.

The advice from the NCSC is that organisations should prepare for increased remote working and ensure staff are vigilant with work devices that may contain sensitive data. It warns that employees are more likely to have their devices stolen or lost when they are away from the office or home, so efforts must be made to ensure data is encrypted while in a resting state.

Means of Protection
In regards to how cyber-attacks were prevented from infiltrating company systems, over 40% were nullified by behavioural analysis, while almost 30% were stopped by static analysis on the part of machine learning,

Memory monitoring, meanwhile, did the trick for nearly 20%, and slightly over 10% by identification and blocking attacks using the user’s signature. “The fact that only 10% of the malware attacks were identified by their signature indicates that the attackers behind these campaigns are using advanced attacking tools to take advantage of the employees working in non-secure home computing environments,” said Eyal Gruner, CEO and co-founder of Cynet. “Our recommendation is for those employees to request enhanced offsite security and support to protect malicious access to sensitive IT systems and data.”

Cynet's blog post that the findings serve as a warning for CISOs worldwide in regards to possible vulnerabilities as a result of the COVID-19 pandemic. 

CyNet:     Information-Age:      Independent:   Portswigger:     Evening Express

You Might Also Read:

Cyber Crime Methods Are Evolving:

 

 

 

« Remote Working Is On Suddenly On Trend
How Effective Is Your Threat Intelligence? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Advent IM

Advent IM

Advent IM is one of the UK’s leading independent cyber security specialists, with a unique approach to providing holistic security management solutions.

Centre for Secure Information Technologies (CSIT)

Centre for Secure Information Technologies (CSIT)

CSIT is a UK Innovation and Knowledge Centre (IKC) for secure information technologies. Our vision is to be a global innovation hub for cyber security.

DataVisor

DataVisor

DataVisor is a big data fraud detection and anti-money laundering solution.

XM Cyber

XM Cyber

XM Cyber is a leading hybrid cloud security company that’s changing the way innovative organizations approach cyber risk.

Cyber Police of Ukraine

Cyber Police of Ukraine

Cyber Police of Ukraine is a law enforcement agency within the the Ministry of Internal Affairs of Ukraine dedicated to combating cyber crime.

CloudOak

CloudOak

CloudOak is a cloud channel provider for hybrid cloud Backup as a Service (BaaS), Disaster Recovery as a Service (DRaaS) and Archiving to Small to Medium Business (SMB).

Bitcrack

Bitcrack

Bitcrack Cyber Security helps your company understand and defend your threat landscape using our key experience and skills in cybersecurity, threat mitigation and risk.

PrivacySavvy

PrivacySavvy

PrivacySavvy's mission is to provide you with all the information that you need to ensure that your internet privacy is intact, your devices are secure, and that any time you step online, you’re safe.

Secret Intelligence Service (SIS - MI6)

Secret Intelligence Service (SIS - MI6)

The UK’s Secret Intelligence Service, also known as MI6, has three core aims: stopping terrorism, disrupting the activity of hostile states, and giving the UK a cyber advantage.

RedHunt Labs

RedHunt Labs

RedHunt Labs is a premier Cybersecurity Solutions provider, offering Attack Surface Management solution 'NVADR' and Penetration Testing services.

Concourse Labs

Concourse Labs

Concourse Labs Security Guardrails continuously verify cloud infrastructure and workloads. Continuously assess clouds for security, resiliency, and regulatory compliance.

LAVAAT

LAVAAT

At LAAVAT, our goal is to make it easy for our customers to build secure IoT devices without a need to invest considerably in embedded security and cryptography expertise.

Prikus Tech

Prikus Tech

Prikus is a full-fledged Cyber Security Company helping organizations worldwide to manage cyber risks. We offer Risk & Compliance Services, Security Testing & Managed Security Services.

DHCO IT

DHCO IT

The DHCO IT team are experts in IT support, cyber security, cloud support and disaster recovery, and are Microsoft 365 partners.

Ark Infotech

Ark Infotech

Ark Infotech is a provider of cloud management services, selective support services, and technology solutions.

Boldend

Boldend

Boldend offers leading-edge offensive and defensive cybersecurity solutions that empower government and commercial organizations to stay resilient in an evolving threat landscape.