Cybersecurity & working from home

Cyber security Editor todayApril 18, 2020 4

Background
share close

Remote work

As perpetrators are targeting companies that are rushing to set up networks for remote working cyberattacks are an increasingly common and worrisome threat. With more companies gaining an online presence the frequency of data breaches and cyberattacks is increasing and as organisations and companies have their employees working from home to enforce social distancing and the prevention of covid-19 infections, many cybersecurity teams are trying to create secure remote work conditions.

The transition to working from home occurred over a very short period of time, in most cases just a matter of days. With companies focused on making sure operations didn’t come to a standstill security could have easily been overlooked or treated as an afterthought. This rush can lead to equipment and software being poorly configured and vulnerable to exploitation.

Many companies do not have the pillars and security measures in place to facilitate remote working conditions and they face the mammoth task of ensuring that their organisation is secure because every time an employee connects to their corporate network from home, they’re creating possible access points that can be exploited by cybercriminals.

 Furthermore the relaxed work conditions from home provide an opportunity for employees to work from their personal machines that may not have the appropriate security measures in place. With multiple channels of “fake” news about the virus, people who are working at home may be more likely to click on dodgy links spread on social networks further compromising the integrity of your network. Whilst working from home employees may be more likely to click on phishing messages disguised as routine company or health alerts. Working from home also means that security teams don’t have access to the tools they ordinarily use to defend corporate networks.

Understanding Cyberattacks

To combat these risks, companies need to understand both hackers’ tactics and their mind-sets. The security measures and policies that a company puts in place during this lockdown are crucial because of how hackers and cyber criminals work. A cyber attack’s lifecycle can be broken down into two phases, explorative and exploitative.

The lockdown offers the perfect opportunity for the exploration phase of an attack, this phase consist of identifying vulnerabilities and the scanning and testing of an organisation’s system. This process is called footprinting by hackers, they may also study your suppliers, partners and contractors that your company works with, as well as your subsidiaries. Before launching a cyberattack, hackers will map out the target network and systems and paying particular attention to vulnerabilities, potential entry points, and any security mechanisms that could be hurdles to access whether the reward outweighs the risk of infiltrating the system.

The exploitative phase of an attack begins when a hacker gains access to your network. Hackers will typically contact organizations by telephone, a “phishing” email campaign, a forged email message, or instant messages asking individuals for login and password credentials, usually by pretending to be someone with credibility. A good example of this phase  are The WHO phishing attacks from the earlier this year are when hackers began mimicking the WHO and its internal email system in an attempt to gain user data, we covered the story earlier in an article titled, “The WHO warns against Corona Virus Phishing Attacks”.

If they are successful they gain access to personal information like names, email addresses, identity numbers as well as employment information which can be sold off on the black market for identity theft purposes.

In the final stages of an attack, hackers retain their ownership of the system and access for future attacks while remaining unnoticed. Making your cyberspace their base of operations for any new attacks, a system like this is commonly referred to as a “zombie” system. Therefore, it is critical for organizations to remain vigilant for suspicious activity in system logs and to ensure that monitoring systems are always up to date.

How to protect yourself and your organisation

 From the information provided above about the phases of an attack one can gain an understanding how attackers infiltrate networks and can then improve the security of their network, making your organisation an unlikely target for exploration and exploitation because so long as the risk does not equate to a substantial reward for the attacker, the probability of the attack progressing to the second phase will be significantly lowered.

There is no doubt that the lockdown presents an attractive opportunity for cyber criminals, the time,  insecure network connections, vulnerable machines and a lack of remote work protocol in some companies makes them easy prey for attackers. Running awareness campaigns and programs within your organisation i.e. to your employees, contractors and even customers to inform them about common hacker strategies is a critical component of network defence. Digi-Train specializes in remote hands-on training for both tech and non-tech staff which comply with many different industry standards. If your organization is facing challenges shifting to a more remote setup, please consider reaching out to our staff at digi-train.co.za. We are here to help you identify and implement the right solutions that best fit your needs. Security doesn’t have to be limited to when you are in your offices.

Written by: Editor

Rate it
Previous post

todayMarch 23, 2020

  • 21
close

Cyber security Editor

Covid-19 and Cyber Attacks

The ongoing Covid-19 pandemic has affected almost all elements of modern life. That includes cybersecurity. In this briefing, we will take a look at some of the shifts and provide ...


Similar posts

Post comments (0)

Leave a reply

Your email address will not be published. Required fields are marked *