Remote Employees Targeted By Cybercriminals Taking Advantage of the COVID-19 Crisis

The COVID-19 pandemic has made it compulsory for lots of persons to self-isolate. Organizations are under rising pressure to permit their personnel to work from their home if possible. Though these actions are needed to keep men and women safe and avert infection, having numerous personnel working remotely raises cyber risk. If people work from their home and join work networks remotely making use of portable electronic equipment, the attack surface expands significantly and new vulnerabilities are created that attackers can exploit. With attacks directed at remote workers going up, it is crucial to make certain that cybersecurity measures for safeguarding remote personnel are implemented to minimize risk.

Phishing Campaigns Directed at Remote Personnel

Cybercriminals are presently exploiting the coronavirus outbreak and are making COVID-19 and coronavirus-related traps in phishing and social engineering attacks in order to swipe account information and install malware. The first principal coronavirus-style phishing and malware infection campaigns were identified at the beginning of January and the number of malicious text messages has grown significantly in the next weeks. Phishing attacks will most probably escalate as cybercriminals seek to steal remote access information and use it for weaponized email attacks that spread malware.

Campaigns directed at remote personnel have furthermore recently been identified. One such campaign warns remote workers to positive COVID-19 tests withinside their firm. The messages mimic their employer and state to have specifics of emergency practices that were employed, which remote personnel is instructed to click open, read through and print out. Upon clicking open the attachments and permitting content will cause a malware install. Security analysts have likewise noticed a growth in domains being employed for running malware attacks.

VPN Vulnerabilities Exploitation

In the previous year, various critical vulnerabilities were found in the Virtual Private Network (VPN) solutions which are employed by remote personnel for safe linking to their work networks. Pulse Policy Secure and Pulse Connect Secure gateways and FortiGuard and FortiGuard solutions were identified to have flaws. Though patches were available to resolve the flaws, a large number of organizations didn’t employ the patches considering that the solutions were used 24/7. APT groups snapped up the chance and exploited the flaws to access the networks of organizations. At this point, with numerous personnel employing VPNs and working at home, attacks are escalating once more.

A good number of companies are nowadays employing VPN services, teleconferencing tools, and other remote access applications for the first time, and have been required to utilize the solutions fast. Web and email services which were merely accessed within the organization have already been reconfigured to make certain it permits external access. The first time those internal services were accessible to the internet. The speed at which the changes were made to support telecommuting workers suggests that companies have not been able to verify carefully and make certain that security is enough.