Americans ‘work from home’ strategy present new targets for hackers
Coronavirus outbreak has forced organizations to let their employees work from home during the outbreak. A new wave of cyberattacks targeting such employees is emerging, warns the experts.
After scammers, now hackers are exploiting the virus outbreak to prey on employees who are working from home. The evidence reports that working outside the office environment is not secure since it opens more doors to cyber vulnerabilities.
While giving a statement to ‘The Hill’ last Friday, the presidential cybersecurity commission server, Tom Kellermann said,
“There are nation-states that are actively taking advantage of the situation, particularly our Cold War adversaries, and we need to be keenly aware that they are aware of the lack of security that is presented by everyone telecommuting”
Reckoning the opinion of Kellermann, the department of Homeland security’s cyber agency – CISA – issued the statement on Friday highlighting the cyber threats associated with working from home as compared to the office. CISA pointed out the potential vulnerability around virtual private networks (VPNs).
Employees working from home are remotely accessing the organization’s file through VPN, which is paving roads for hackers to get into the network and exploit the files and data shared on the network.
In their statement, CISA wrote
“As organizations use VPNs for telework, more vulnerabilities are being found and targeted by malicious cyber actors. Update VPNs, network infrastructure devices, and devices being used to remote into work environments with the latest software patches and security configurations.”
Moreover, the agency highlighted that cybercriminals may increase phishing email attacks to steal employees’ credentials. Such emails may use corona fear to tempt users into opening emails and performing certain activities; downloading viruses.
Checkpoint stated that since January more than 4,000 coronavirus-themed websites domains have been introduced; some with the intention of running email campaigns to lure victims into clicking malicious links.
With the agencies indicating the vulnerabilities, Kellermann has recommended individuals to use separate and private networks to do their work and isolate the data to keep it secure from intruders.