Hackers Are Exploiting Remote Workers

In the shadowy world of cybercrime, the coronavirus emergency is seen as a big opportunity.  Experts are warning of a new wave of cyber attacks targeting those who are forced to work from home during the coronavirus outbreak. There is increasing evidence that hackers are using the concerns over the virus to prey on individuals and that working outside secure office environments opens the door to more cyber vulnerabilities. 

Periods of change and transition create new vectors of attack, new exposure surfaces to exploit, and new ways to steal the personal data of employees or the trade secrets of companies.

Experts say that cyber criminals are devising ways of taking advantage of millions of employees transitioning to work-from-home situations. They know that employees will be connecting to their companies’ servers and other resources in a very different way. They are also aware that many employees will be doing their work on computers normally used for personal affairs, and that other workers will rely more on their mobile devices in the absence of a work computer.

The US Cybersecurity and Infrastructure Security Agency (CISA) has urged that organisations keep their systems updated and patched and be transparent with employees about the dangers of malicious emails, particularly those that use coronavirus fears to tempt individuals to click on them and download computer viruses.

In Britian the National Cyber Security Centre (NCSC), UK, has issued a security advisory, urging those who use smart cameras and baby monitors in the home to take the steps necessary to protect their devices from cyber criminals.

Similar to large parts of the world at present much of Israeli public are working from home under movement restrictions following the government directives ordering non-essential workers to stay home to stem the spread of the coronavirus. Officials there say criminals are using telephone ‘phishing’ attacks to try to access company login credentials and the Israeli National Cyber Authority has warned the public of an increased danger of hacking attacks as more Israelis work from home amid the coronavirus outbreak. 

They specifically warned of so-called voice phishing or “vishing” attacks, a type of phone fraud where criminals scam victims into giving up private information, usually for identity theft. Phishing attacks are carried out via email or other online communication.

In attacks that took place this week in Israel, workers received phone calls that appeared to be from their companies’ computer departments asking for their usernames and passwords. The hackers aim to infiltrate the firms to gain information for leaks, access encrypted files, destroy information or cause other damage to the organization or its employees, the cyber authority said.

An Israeli financial company has resited an attempted hacking of its employees when some of the firm’s workers received calls purportedly from its technical department asking in Hebrew for usernames and passwords to the company’s virtual private network. 

The Israeli National Cyber Authority which recommends that companies raise awareness among their workers, and use two-step and multi-channel authentication measures. In recent weeks the authority has warned several times of fraud online amid the pandemic, saying it has identified over 5,000 suspicious coronavirus-related websites.

Israeli National Cyber Directorate:     Times of Israel:     SC Magazine:     Fast Company:      The Hill:   


You Might Also Read: 

Remote Working Is On Suddenly On Trend:

 

 

 

« New Guidelines For Maritime Cyber Security
London’s National Gallery Hit With 2 Million Attacks »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Konfidas

Konfidas

Konfidas provide high-level cybersecurity consulting and professional tailored solutions to meet specific cybersecurity operational needs.

Microsoft Security

Microsoft Security

Microsoft Security helps protect people and data against cyberthreats to give you peace of mind. Safeguard your people, data, and infrastructure.

Futurex

Futurex

Futurex is a globally recognized provider of enterprise-class data encryption solutions.

Nexus Group

Nexus Group

Nexus Group develops identity solutions for physical and digital access.

Online Business Systems

Online Business Systems

Online Business Systems is an information technology and business consultancy. We design improved business processes enabled with robust and secure information systems.

SaferVPN

SaferVPN

SaferVPN is a Virtual Private Network services provider offering secure encrypted access to the internet.

Ingenio Global

Ingenio Global

Ingenio is a specialist recruitment business for SaaS companies. Our purpose is to source exceptional talent in areas including cyber security for leading SaaS companies in the UK and Ireland.

Deepnet Security

Deepnet Security

Deepnet Security is a leading security software developer and hardware provider in Multi-Factor Authentication (MFA), Single Sign-On (SSO) and Identity & Access Management (IAM).

ThreatX

ThreatX

ThreatX provides complete web application & API protection to address expanding app footprints and complex attacks.

UK Cyber Security Council (UKCSC)

UK Cyber Security Council (UKCSC)

The role of The UK Cyber Security Council is to champion the cybersecurity profession across the UK, provide representation for the industry, accelerate awareness and promote excellence.

Cybrella

Cybrella

Cybrella offers professional cybersecurity services for small to medium sized businesses and to larger enterprises looking to expand their cybersecurity capabilities.

Softwerx

Softwerx

Softwerx is the UK’s leading Microsoft cloud security practice. We’ve been helping forward-thinking companies better secure their businesses for nearly twenty years.

Intelligent CloudCare

Intelligent CloudCare

Intelligent CloudCare, a division of IPS, is a full IT Services provider serving the needs of SMBs in the metropolitan New York City region.

Identity Digital

Identity Digital

Identity Digital simplifies and connects a fragmented online world with domain names and related technologies that allow people and businesses to build, market and own their digital identities.

OneCollab

OneCollab

OneCollab, your unwavering ally in the dynamic landscape of IT services and cybersecurity.

Trofi Security

Trofi Security

Trofi Security provides Information Technology and Information Security services to organizations in both the public and private sectors.