A recent Threatpost poll found that 40 percent of the companies transitioning to WFH experienced a spike in cyberattacks. The survey concluded that patching and updating are among the top challenges for employees when securing their remote footprint.
Even the worldâs top technology companies are not immune. Microsoft warned Windows 10 users of âlimited targeted attacksâ that could infiltrate their operating systems using malware ââ and worse, there's no patch to fix it. âAttackers are taking advantage of the current shift to remote work by promoting malware masquerading as VPN installers,â explains Vicarius co-founder Michael Assraf.Â
The Types of Attacks
Cyberattacks have surged in countries hardest hit by the virus, such as Italy. In late February 2020, Trickbot campaigns were tracked, primarily targeting Italian entities, according to Jim Walter of SentinelLabs. âThis is dangerous as businesses make the transition to remote work and suggest best practices to employees, including the use of VPNs.â
Some are referring to it as a âphishing epidemic,â with more fake COVID-19-themed applications, advertisements and emails appearing each day.Â
âWe are now seeing that hackers view this pandemic as a great opportunity to accelerate their business,â said a spokesperson for Check Point, an Israeli cybersecurity firm tracking the increase in attacks over recent weeks. âJust like Cyber Monday or Black Friday, our researchers have found several âcoronavirus specialsâ.
A lot of damage has already been done. According to experts since the beginning of January, the period where initial outbreaks were reported, there have been over 16,000 new coronavirus-related domain registrations.
âA widespread targeted corona-themed phishing campaign was recently identified targeting Italian organizations. These attacks were aimed at over 10% of all organizations in Italy, with the aim of exploiting concerns over the growing spike in confirmed cases.â
Another epicenter is Spain, where cybercriminals are using a banking Trojan related to the coronavirus, called Ginp, to play on peopleâs fears. The Kaspersky Security Network notes that âas people all around the world started working from home and practicing social distancing, the latter in some cases may evolve into paranoia.âÂ
Ginp opens a web-page called Coronavirus Finder and cons people into giving their credit card information in exchange for information about COVID-19 victims in their area. âOh, what a relief for some people would it be to know whom to avoid!â
âThe technical challenges of working at home are enormous, and now Iâm worried about hackers, too,â lamented one remote employee. âIf it wasnât for that, working from home would be way less stressful.â
Reducing Exposure to Cyber Attacks
The Internet can be a hostile environment. The threat of attack is ever-present as new vulnerabilities are released and commodity tools are produced to exploit them. Doing nothing is no longer an option. Protect your organization and your reputation by establishing some basic cyber defenses to ensure that your name is not added to the growing list of victims.
 âAttackers are taking advantage of the current shift to remote work by promoting malware masquerading as VPN installers,â say experts in Cybereason in a statement to the media.Â
There are effective and affordable ways that organizations can reduce their exposure to cyber-attacks like using firewalls and internet gateways. Companies can establish network perimeter defenses, particularly web proxy, web filtering, content checking, and firewall policies to detect and block executable downloads, block access to known malicious domains and prevent usersâ computers from communicating directly with the Internet. Because of the scattered nature of the WFH workforce, and the fact that the organization no longer has a perimeter - some of those techniques are not effective anymore.
Software threat tracking and patching: Most of the COVID attacks exploited existing software vulnerabilities. Having the ability to find and mitigate software threats on your WFH workforce is mandatory.
Malware Protection: It is important to establish and maintain malware defenses to respond appropriately to an attack code that is known.
Password Policy: Make sure that an appropriate password policy is in place and it is followed. You will also need to include limits on normal usersâ execution permissions and enforce the principle of least privilege.
If you feel that your organization could be attacked by technically advanced hackers, additional controls like security monitoring - to identify any unexpected or suspicious activity user training education and awareness. Also, it is a good idea to reach out to cybersecurity experts to help your organization deal with the threats.Â
To deal with the escalation, some cybersecurity firms like Vicarius are offering their free assistance. âThe solutions to solve such problems are there in the market. You just have to find a company that can help you solve the problem for you,â says Michael Assraf, the co-founder of Vicarius.