19 Mar
Cybercriminals are preying on fears of the COVID-19 coronavirus pandemic to spread malware, perpetrate scams, and compromise systems and networks. Many of these attacks are targeting employees who are working from home under “social distancing” policies. Organizations should shore up their cyber defenses to ensure that attacks on remote workers don’t result in a security breach.
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on March 13th about phishing emails attempting to steal user credentials from teleworkers. The CISA also warned that cybercriminals are targeting vulnerabilities in the virtual private networks (VPNs) remote workers use to connect to corporate IT resources.
According to the Check Point Global Threat Index, 8 percent of the more than 4,000 coronavirus-related domains are malicious or suspicious, creating a significant threat of malware infection if an employee visits one of these sites. Security experts have also noted attacks on company executives who are working outside their organization’s secure network perimeter.
That perimeter has all but disappeared in recent years due to increasing numbers of remote and mobile workers. Approximately 4.7 million Americans now work from home at least half the time, according to the U.S. Census Bureau. That’s a 159 percent increase since 2005. The rise in telework due to the COVID-19 pandemic will likely result in more employees taking advantage of this option long term.
Organizations should prioritize security policies, procedures and technologies to protect remote workers. It starts with a “zero trust” security model in which every user and device attempting to access the network is presumed to be a threat. User identities and the security posture of the devices they use must be authenticated, whether they are inside or outside the network perimeter. User behavior analytics tools can help to detect deviations from normal activity that could signal a cyberattack.
Other steps organizations can take include:
- Limit the risk associated with stolen credentials. Implement multifactor authentication for remote access. Adopt the principle of least privilege, which limits access to only those resources employees need to do their jobs. Utilize network segmentation to prevent hackers from moving laterally through the network should they gain access.
- Keep systems and devices up to date. Implement the latest software patches and updates in VPNs, firewalls and devices remote workers use to access the corporate network. Require that the devices employees use maintain minimum security standards.
- Implement IT operational procedures. Ensure that IT personnel are prepared to monitor remote access, detect attacks and respond to security incidents. Prepare for mass usage of VPN connections and use rate limiting and other techniques to prioritize users requiring access.
- Educate remote workers. Alert users about the increase in phishing attacks related to the pandemic and warn them to be suspicious of links and attachments that purport to provide information on COVID-19. Provide ongoing training so that users learn to recognize phishing and other social engineering techniques. Ensure remote workers know who to call for support or to report a security incident.
Remote workers should also take steps to prevent a cyberattack, including:
- Ensuring their router and Wi-Fi connection are secure
- Keeping all operating systems, security tools and antivirus software up to date
- Regularly backing up files to protect against loss and ransomware
- Using only company-approved software and collaboration tools
Rahi Systems can help you implement the policies and tools you need for telework security. Give us a call to schedule a confidential consultation.
Rahi is a Global IT Solutions Provider. We are uniquely capable of combining data center, IT and audio/video solutions to create an integrated environment that drives efficiencies, enhances customer service and creates competitive advantages. We offer a full suite of products in physical infrastructure, storage, compute, networking, power and cooling, and audio / video. In addition, Rahi offers professional and managed services to aid customers in logistics, delivery, set-up, and ongoing support of their technology solutions.
Rahi is a Global IT Solutions Provider. We are uniquely capable of combining data center, IT and audio/video solutions to create an integrated environment that drives efficiencies, enhances customer service and creates competitive advantages. We offer a full suite of products in physical infrastructure, storage, compute, networking, power and cooling, and audio / video. In addition, Rahi offers professional and managed services to aid customers in logistics, delivery, set-up, and ongoing support of their technology solutions.
About Rahi
Rahi is a subsidiary of Wesco Distribution, a Fortune 200 Company with operations in 50+ countries and annual revenues over USD 19B. Rahi delivers comprehensive data centre solutions for global enterprises, hyperscalers, and multi-tenant data centres. Rahi provides IOR, local currency billing, and RMA services, enabling businesses to operate efficiently anywhere.
Since being acquired in Nov. 2022, Rahi’s global presence and analytical expertise help clients achieve their business and IT requirements.
Rahi