
Coronavirus: Back-to-Basics Threats, Back-to-Basics Security

May 04, 2020

The COVID-19 pandemic has inspired hackers to break out some older, more basic attack methods to exploit work-from-home security vulnerabilities. In today’s guest post, Carbon Black’s Darius Eslami offers tips to protect your organization against suddenly-popular old-school exploits.

Part one of a series.

Security teams have spent decades building up their defenses against cyberattacks. Unfortunately, having employees social distancing and working from home is circumventing these protections. Home networks and personal devices are being used to access company networks and information, and most companies don’t have the security infrastructure in place to handle remote work at scale.

Attackers see this as an opportunity to exploit and are reverting to simple phishing and malware techniques to breach corporate networks. For cybersecurity professionals, this means we need to go back to the basics.

Why We Are So Vulnerable

Phishing attacks have increased with the rise of social distancing. In fact, over 1,700 Zoom-themed domains have been registered since January. We’re even seeing things like “CoronaVirus Ransomware” pop-ups.

There are many reasons attackers see COVID-19 as an opportunity to use basic techniques to get corporate credentials. Here are just a few:

  1. Home networks – Home networks aren’t as secure as corporate networks. Remote workers accessing the corporate network via VPN could be a way for attackers to hop from the home network to the corporate network.
  2. Influx of emails – With the influx of emails relating to COVID-19 information, it’s easy for a hacker to send a phishing email with a link to information that a user might unknowingly click on.
  3. New tools – Widely used virtual collaboration tools, like Zoom, are an opportunity to use similar domains to gather user information.
  4. Shared devices – Employees may be sharing devices with their children, who are potentially more prone to clicking on fake websites and entering information.
  5. Stress and distraction – This unique situation can lead employees who have been well trained to avoid phishing scams to fall prey because of the stress and distraction they may be experiencing in their home environments.
  6. Fewer defenders – Defenders are social distancing, too, and security admins may not have the same visibility into attacks as they had in the office. Attackers can worry less about hiding their tracks and continue to attack servers one at a time.

Actions to Get Back to Security Basics

The increased risk of attack means cybersecurity professionals need to take some basic actions to keep endpoints protected.

  1. Communicate to employees what to watch for. Give clear examples of phishing that may target them during remote work, such as typosquatting or virtual meeting app targeting, and what to look for to vet the credibility of corporate-looking emails.
  2. Take these 10 actions to ensure remote workers are as secure as possible.
  3. Wherever possible, automate security tasks like testing so you can cover more with fewer resources.
  4. Take advantage of the additional help being offered by security vendors to protect remote devices. For instance, latest threats from the cybersecurity community.
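
One way to automate the typosquatting check named in step 1, in the spirit of step 3, as an added example (not code from the original post or from any vendor it mentions): a Python triage function that flags URLs whose hostnames imitate a trusted collaboration domain. The trusted list, the `zoom` brand keyword and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumptions for this example: the domains your organization really uses,
# and the brand keyword to watch for in any other hostname.
TRUSTED = {"zoom.us", "zoom.com"}
BRANDS = {"zoom"}
# Digit-for-letter swaps commonly seen in lookalike names.
HOMOGLYPHS = str.maketrans("0135", "oles")

def edit_distance(a, b):
    """Levenshtein distance using two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url):
    """Return 'trusted', 'lookalike' or 'ok' for the hostname in url."""
    if "//" not in url:
        url = "//" + url  # let urlsplit parse bare hostnames
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if any(host == t or host.endswith("." + t) for t in TRUSTED):
        return "trusted"
    for label in host.split(".")[:-1]:  # every label except the TLD
        for token in label.translate(HOMOGLYPHS).split("-"):
            for brand in BRANDS:
                # Brand embedded in the token, or one typo away from it.
                if brand in token or edit_distance(token, brand) <= 1:
                    return "lookalike"
    return "ok"

def triage(urls):
    """Return only the URLs a reviewer should look at."""
    return [u for u in urls if classify(u) == "lookalike"]

# Constructed sample URLs (reserved .example names, not real indicators).
SAMPLE_URLS = [
    "https://zoom.us/j/123456789",
    "http://zoom.us.meeting-login.example/join",
    "https://zo0m-invite.example/",
    "https://zooom.example/signin",
    "https://intranet.corp.example/covid-19",
]

if __name__ == "__main__":
    for u in triage(SAMPLE_URLS):
        print("review:", u)
```

A four-letter brand sits one edit away from ordinary words such as "room", so treat the output as a review queue for mail-gateway or proxy logs rather than a blocklist.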

Strengthening Remote Work Security is Good for the Long Haul

Social distancing will hopefully go away at some point, but remote work is here to stay. As more companies learn how to operate with remote workers, more jobs will transform into telecommuting assignments. This means that the need to secure remote workers will not go away. Given this, take the opportunity to make security decisions that will strengthen your security posture for years to come.



By: Darius Eslami

VMware Carbon Black Marketing Programs Manager
