The Risks Of Remote Working

Uploaded on 2020-04-08 in FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Resilience

A large numbers of firms are sending out work-from-home policies with the aim to limit the risks of the coronavirus and cyber security experts are now saying that remote workplace setups are encouraging new hacking attacks. 

The FBI has issued a statement about fraud related to the virus, particularly by scammers posing as official health agencies and other seemingly offical organisations  

“Scammers are leveraging the COVID-19 pandemic to steal your money, your personal information, or both. Don’t let them....Protect yourself and do your research before clicking on links purporting to provide information on the virus; donating to a charity online or through social media; contributing to a crowdfunding campaign; purchasing products online; or giving up your personal information in order to receive money or other benefits.”

The FBI advice is to carefully check and don’t open or respond to Fake Disease Control and Prevention emails, Phishing emails apparently from the government asking for your personal information and Counterfeit Treatments or Equipment that talks about prevention or treatment of the virus.

Recently, a hacking group tried to break into the World Health Organisation (WHO). The breach was discovered by Alexander Urbelis, a hacker-turned-information-security lawyer who founded the New York Blackstone Law Group. Although Urbelis can't be certain about the identity of the hackers, he says the group replicated a portal used by remote World Health Oragisations (WHO) employees that he describes as "very, very convincing."

Cyber Attack Targeting WHO
The group that targeted the WHO, has been watched for quite a while and it appears that the group has reawakened or reactivated some of its infrastructure. There are some indications that a group by the name of DarkHotel, first identified by the experts at Kaspersky, known for targeting hotel guests and Wi-Fi networks, may be responsible for this particular type of attack.

Their attacks are elegant and well researched. The attackers perform a significant amount of reconnaissance on the configurations and the systems and they carefully create portals that look exactly like the victims' portals.

That's was what was seen with the WHO on the 13th of March. A URL, a Web address, was created and put together that exactly mirrored the doorway to World Health Organisation's internal file systems. So it was the external link to the internal file systems, that portal that remote employees would use to access the WHO, let's say if they were working from home and that's what this group had replicated.

This group not only replicate the portals of the WHO, but major research universities and many other intergovernmental organisations like the WHO.  In fact, the same day that the WHO was targeted by this particular group, they also targeted certain components of the United Nations

The DarkHotel hackers have the chracteristics of being a state-sponsored or state-affiliate group. That means that they could be considered as an APT, an advanced persistent threat, essentially a force to be reckoned with.

Reuters:         FBI:        NPR      NetNebraska

You Might Also Read: 

Stay Cyber-Secure Working From Home:

 

« An 'Infodemic' Of Phishing & Malware
Supporting British Healthcare Cybersecurity During COVID-19 »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

FixMeStick

FixMeStick

FixMeStick is a virus removal device, a USB key that removes malware conventional antivirus software often can’t detect.

Ntrepid

Ntrepid

Ntrepid products provide protection from web threats and enable organizations to safely conduct their online activities.

Remediant

Remediant

Remediant is the leader in Precision Privileged Access Management. We protect organizations from ransomware and data theft via stolen credentials and lateral movement.

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC) is one of the most distinguished Cybersecurity, Privacy and Information Security Conference in Thailand and Southeast Asia.

ITonlinelearning

ITonlinelearning

ITonlinelearning specialises in providing professional certification courses to help aspiring and seasoned IT professionals develop their careers.

Nova Leah

Nova Leah

Nova Leah helps connected medical device manufacturers meet cybersecurity compliance requirements throughout the entire product lifecycle.

Scout Ventures

Scout Ventures

Scout Ventures is an early stage venture capital firm that is making the world a better, safer place by cultivating standout frontier technologies.

Agio

Agio

Agio is a hybrid managed IT and cybersecurity provider servicing the financial services, health care and payments industries.

Hazy

Hazy

Hazy specialises in financial services, helping some of the world’s top banks and insurance companies reduce compliance risk.

Keeper Security

Keeper Security

Keeper is a leading enterprise password manager and cybersecurity platform for preventing password-related data breaches and cyberthreats.

UTMStack

UTMStack

UTMStack is a Unified Security Management system that includes SIEM, Vulnerability Management, Network and Host IDS/IPS, Asset Discovery, Endpoint Protection and Incident Response.

Neptune Cyber

Neptune Cyber

Neptune is a cyber security company that works exclusively in the marine sector. Our team combines experts in shipbuilding, maintenance and operations and cyber security testing and design.

NetCentrics

NetCentrics

NetCentrics leverages an innovative, agile, ‘what’s-next’ approach to our customers’ IT and cyber challenges.

Stacklok

Stacklok

Stacklok are an Open Source first security company enabling safe Open Source Software consumption.

BLOCX

BLOCX

BLOCX is designed to address the ever-growing challenges of managing and securing digital devices, from personal computers to corporate networks.

Virtual IT Group (VITG)

Virtual IT Group (VITG)

VITG is a cyber security-focused Managed Service Provider (MSP).