Security Fridays Week 24Michael Urgero 11/12/2020, Industry News
Covid19, remote working and its impact on cybersecurity
Welcome to the world in a pandemic.
Both CISA and the FBI have issued a Joint Security Advisory.
The world’s response to the pandemic has been largely to send most people home, keep a social distance and wear a mask. Those of us that can work from home, are. We’re using our home networks, our home WiFi solutions and our broadband internet. To be honest, most of us are using our personal devices to access corporate systems like email, financials and other related SaaS tools.
This is not the first pandemic we’ve had, and it surely won’t be the last - and frankly, we can argue all day about whether or not bunkering down is making it better or worse, but one things for sure – we’re being hunted now. And, if you’re one of those folks that works with international relations or national security policies, you’re square in sights of a state sponsored attack team.
Like most predators that hunt in packs, they aim to find one that’s been separated from the herd – and that might just be you. Pushed out of the security of your office, the firewalls, the intrusion detection, the multi-layered security systems, management solutions and the tech team that keeps it all up to date and monitored – makes you the fawn strayed during the chaos – and now you’re on your own.
As businesses continue to struggle, completely unprepared for a dispersed workforce, the attackers have caught on to this as an opportunity. They’ve changed direction – and are starting to pay specific attention to the remote workforce. They know you’re not in the office and they’ve began to adjust their attacks to take advantage of people that are distracted by home schooling, shared spaces and spouses that are also working from home. See, our businesses weren’t prepared – and neither were we.
Knowing full well that you’re likely distracted and using home services for business purposes, advanced persistent threat actors have begun using specific methods to gain repeated access to home-based systems. These include spear-phishing emails, invites, false claims and more to try and trick you into clicking something you shouldn’t. Normally, the security systems that surround your office would be helpful here – be you’re not in the office.
We certainly don’t have corporate budgets for temporary remote work like this – meaning specifically – that most folks won’t have a $10,000.00 firewall at home - here’s some top tips and reminders on how to be safe out there;
- Trust, but verify, everything.
- Make sure your equipment is current, that five year old Linksys WiFi router just won’t cut it.
- Keep Internet Routers, Firewalls and other network devices at home as up to date as possible, this should also include your desktops, laptops, phones, watches and IoT devices.
- Do not open ports to the internet for any reason. In most cases, PnP will dynamically handle these requests for things like gaming systems and IoT devices.
- Make sure to read and re-read suspicious emails. If it didn’t feel right the first time you read it, then you need to read it again while keeping a sharp, trained eye for punctuation or mis-used words.
- Don’t accept friend requests so quickly, remember to look twice.
- At the very least - use strong passwords and mac address filtering on your WiFi, change default passwords and hide your SSID.
- Scan desktops and laptops regularly in a best effort to stay clean.
- Back up any work on a regular basis to a cloud service, like Microsoft’s OneDrive or similar.
- Create a short training program for the rest of the company, so everyone can all be on the same page.
- And, above all, don’t share devices unless you have absolutely no choice. I, personally don’t allow my teen-aged son to use the same laptop I use.
Covid-19 has certainly changed how we work, now we need to change to assure we’re still protected.
Read the article that was analysed here: https://www.infosecurity-magazine.com/news/hackers-are-targeting-us-think/