Hackers Are Exploiting Remote Workers

In the shadowy world of cybercrime, the coronavirus emergency is seen as a big opportunity.  Experts are warning of a new wave of cyber attacks targeting those who are forced to work from home during the coronavirus outbreak. There is increasing evidence that hackers are using the concerns over the virus to prey on individuals and that working outside secure office environments opens the door to more cyber vulnerabilities. 

Periods of change and transition create new vectors of attack, new exposure surfaces to exploit, and new ways to steal the personal data of employees or the trade secrets of companies.

Experts say that cyber criminals are devising ways of taking advantage of millions of employees transitioning to work-from-home situations. They know that employees will be connecting to their companies’ servers and other resources in a very different way. They are also aware that many employees will be doing their work on computers normally used for personal affairs, and that other workers will rely more on their mobile devices in the absence of a work computer.

The US Cybersecurity and Infrastructure Security Agency (CISA) has urged that organisations keep their systems updated and patched and be transparent with employees about the dangers of malicious emails, particularly those that use coronavirus fears to tempt individuals to click on them and download computer viruses.

In Britian the National Cyber Security Centre (NCSC), UK, has issued a security advisory, urging those who use smart cameras and baby monitors in the home to take the steps necessary to protect their devices from cyber criminals.

Similar to large parts of the world at present much of Israeli public are working from home under movement restrictions following the government directives ordering non-essential workers to stay home to stem the spread of the coronavirus. Officials there say criminals are using telephone ‘phishing’ attacks to try to access company login credentials and the Israeli National Cyber Authority has warned the public of an increased danger of hacking attacks as more Israelis work from home amid the coronavirus outbreak. 

They specifically warned of so-called voice phishing or “vishing” attacks, a type of phone fraud where criminals scam victims into giving up private information, usually for identity theft. Phishing attacks are carried out via email or other online communication.

In attacks that took place this week in Israel, workers received phone calls that appeared to be from their companies’ computer departments asking for their usernames and passwords. The hackers aim to infiltrate the firms to gain information for leaks, access encrypted files, destroy information or cause other damage to the organization or its employees, the cyber authority said.

An Israeli financial company has resited an attempted hacking of its employees when some of the firm’s workers received calls purportedly from its technical department asking in Hebrew for usernames and passwords to the company’s virtual private network. 

The Israeli National Cyber Authority which recommends that companies raise awareness among their workers, and use two-step and multi-channel authentication measures. In recent weeks the authority has warned several times of fraud online amid the pandemic, saying it has identified over 5,000 suspicious coronavirus-related websites.

Israeli National Cyber Directorate:     Times of Israel:     SC Magazine:     Fast Company:      The Hill:   


You Might Also Read: 

Remote Working Is On Suddenly On Trend:

 

 

 

« New Guidelines For Maritime Cyber Security
London’s National Gallery Hit With 2 Million Attacks »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The Networking People (TNP)

The Networking People (TNP)

TNP supplies independent advice allowing large organisations to design, build and operate their own networks independently of the established telecoms companies.

eco

eco

eco, with more than 950 member organizations, is the largest Internet industry association in Europe.

ENEA Qosmos Division

ENEA Qosmos Division

Qosmos, a division of Enea, leads the market for IP traffic classification and network intelligence technology used in physical, SDN and NFV architectures.

Computer Forensic Services

Computer Forensic Services

Computer Forensic Services are digital evidence specialists. Practice areas include Information Security, e-Discovery, Law Enforcement Support and Litigation.

Platin Bilişim

Platin Bilişim

Platin Bilisim is an IT Security company providing consultancy, solutions and operational support services.

CloudMask

CloudMask

CloudMask patent technology provides Dynamic Data Masking (DDM) that masks sensitive data, structured or non-structured, in real-time.

ClearBlade

ClearBlade

ClearBlade is the Edge Computing software company enabling enterprises to rapidly engineer and run secure, real-time, scalable IoT applications.

Arctic Wolf Networks

Arctic Wolf Networks

Arctic Wolf Networks delivers the industry-leading security operations center (SOC)-as-a-service that redefines the economics of cybersecurity.

Cingo Solutions

Cingo Solutions

Cingo Solutions is a Managed Detection & Response company providing specialized data security services.

iHLS Startups Accelerator

iHLS Startups Accelerator

iHLS Accelerator is the first startup accelerator in the world in the security and homeland security field.

Cyber Pathways

Cyber Pathways

Cyber Pathways brings together the next generation of Cyber professionals along with delegates who are looking to cross train and enter the cyber market.

CounterFind

CounterFind

CounterFind is turnkey technology that allows brands to find and remove counterfeit and infringing merchandise from online marketplaces and social media sites.

Veridium

Veridium

Veridium is a leader in single step - multi factor biometric authentication, designed to safeguard enterprises’ most critical assets.

7layers

7layers

7layers has established itself as one of the world’s leading test house groups for mobile devices and the growing number of wireless devices, modules and chipsets.

CyNam

CyNam

CyNam is a platform for enabling the growth and development of people and organisations within Cheltenham’s flourishing cyber technology ecosystem.

Stratia Cyber

Stratia Cyber

Stratia Cyber is an independent, technology agnostic company providing high quality, pragmatic cyber security consultancy and expertise.