‘Expect an increase in attacks targeting remote desktop solutions’Mar 18, 2020
Dr Duncan Hodges, senior lecturer in cyberspace operations at Cranfield University, comments on the increased risk of cyber attacks as the world lies in the grip of the coronavirus pandemic.
Increased phishing related to coronavirus
We’re definitely seeing an uptick in phishing related to the coronavirus, for example malware masquerading as fake antivirus, and VPN solutions all aimed at capitalising on the change to remote working.
We’ve also seen phishing campaigns in Japan which purported to come from the state welfare offices but downloaded a trojan designed to steal money from bank accounts. WHO have also warned of phishing attacks pretending to be a charitable relief fund.
We can also expect to see fraudulent activity surrounding either the selling of hard-to-find items or fake antiviral equipment.
Home working risks
We can expect to see an increase in attacks targeting remote desktop solutions and video conferencing software. This is particularly likely to be a problem where products have laid dormant without being updated or only used within a corporate network for a period of time and are now being made available outside the traditional corporate network – the recent BlueKeep attack vector is one we’re likely to see increasingly over the next week or so.
Traditionally a home network has been considered a less secure part of a corporate network, as well as your corporate laptop on the network there will also be your family’s personal computers, tablets and phones as well as a host of smart home devices. Your network will only be as secure as the most vulnerable of these devices.
We can also expect more of the corporate data to be moved to cloud hosting solutions to allow for remote working. While some of this will be within corporate solutions it would be naïve to think that there won’t be an increase in data being moved to shadow IT infrastructure.
This is where data is moved to other personal solutions outside a corporate network because an employee ‘needs to get a job done’ and the corporate solutions don’t work – for example using personal email accounts or accounts on Dropbox, for example.
This move of data to external cloud providers could increase the risk of a data breach.
There is also the risk of increased working on unsecured wireless networks such as at coffee shops, whenever using these public infrastructure it’s worth considering using a virtual private network . These create an encrypted tunnel over an insecure network, your network traffic then flows down this tunnel and protects your data from others.
Your employer may provide a VPN solution for you to use – alternatively there are a number of free products such as Proton VPN which offer a good service.
Improve cyber hygiene
Security isn’t really a ‘product’ that can be bought but certainly running an antivirus and firewall application represent what we would call good cyber hygiene. There are really great free home versions from most vendors that offer pretty good protection against a whole host of threats.
The best approaches to increasing your security are what we would typically call ‘cyber hygiene’ this involves doing a number of really simple things which will aggregate together to make you more secure. Look at using a firewall on your machines, these attempt to create a buffer between your computer and the network.
Make sure your operating system and the applications (such as Microsoft Office / Word, your PDF readers and your web browsers) are up to date and make sure you’re running an anti-virus product which is up-to-date.
Doing these relatively simple things will make a big difference to what we call your ‘security posture’.
Cyber considerations for businesses
If you’re a business consider the National Cyber Security Centre’s Cyber Essentials programme, this outlines a number of simple steps to improve your cybersecurity – you don’t need to go through the certification process but there is some really easy to follow advice.
Coronavirus is accelerating new flexible working
As we move to Work 4.0 where one change is the move to more flexible working conditions it is likely that businesses will need to adopt to these changing responsibilities (and indeed the changing responsibility of staff to their employers). What we’re seeing in COVID-19 is an acceleration of that requirement.
Lots of businesses will now have to manage home working on a larger scale than they have done in the past, but the lessons we learn over the next weeks and months will hopefully help us critically look at how businesses, and we as security professionals, are going to support a wide variety of staff who are working from home for extended periods of time.”