Cybersecurity risks for your remote workforce and VPN

Five considerations during the COVID-19 pandemic

As the COVID-19 pandemic continues, travel restrictions are increasing, a multitude of sporting and cultural events have been canceled, and many companies – including Google, Twitter, J.P. Morgan and Salesforce – are encouraging or even requiring employees to work remotely.

Remote working increases risks to corporate IT systems, as criminals exploit concerns about the coronavirus pandemic to spread infections of their own (Wall Street Journal, March 4). “They are forging emails mentioning the outbreak that appear to be from business partners or public institutions in an effort to get users to open the messages, unleashing malware,” notes the newspaper. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) confirms that malicious cyber actors could take advantage of public concern surrounding COVID-19 by conducting phishing attacks and disinformation campaigns. MarketWatch (March 11) warns readers, “Working from home because of coronavirus? Don’t give your company a different kind of virus.”

CybetaTM sees uptick in scams linked to COVID-19

In fact CybetaTM has already seen a significant uptick in discussions, planning, and launch of sophisticated phishing scams related to COVID-19. Against this backdrop, employers and employees alike should remain vigilant of increased cybersecurity threats, some of which specifically target remote access strategies, says the National Law Review (March 11). Companies should take appropriate actions to ensure secure connectivity.

Based on Cybeta’s direct experience, issues linked to the surge in external connections can be addressed proactively using five approaches: cybersecurity training, anticipating phishing attacks, not using unsecured wi-fi networks, and implementing solid policies about personal use of company devices and ensuring that devices are secure.

  1. Cybersecurity training and established best practices

Companies should make sure their employees have access to simple best practice guidelines on acceptable usage policies, and broad general awareness of the risk of social engineering attacks such as phishing, spear-phishing, ransomware, and business e-mail compromise. A clear and straightforward process should be in place for employees to report any suspicious activity or potential missteps such as clicking on a suspicious link. This is the time to make sure that the corporate culture encourages reporting rather than fear of retribution for mistakes.

  1. Anticipate increasing phishing attacks and business process fraud

The current uptick in malicious social engineering attacks such as phishing and business process fraud can be expected to accelerate as threat actors exploit both the deluge of corporate updates filling email in-boxes, and the IT users’ desire for the latest information, which may tempt them to click on malicious links.

When dealing with suppliers and vendors, organizations should keep in mind that business process fraud is an effective tool for hackers even without the uncertainty and confusion added by the current pandemic. There are indications that such attacks are already occurring and will increase.

As a result of business interruptions and operating anomalies, vendor/supplier payments may be delayed, changed or otherwise not follow their regular patterns. This provides a fertile environment for fraudulent emails asking for routing or other changes to payments consistent with business process fraud attacks.

With accounts payable/receivable and other finance-related departments increasingly working remotely, protocols such as those requiring two-person sign off on payments or bank changes are at higher risk of being sidestepped in the spirit of “efficiency.” To address this risk, stricter finance rules should be mandated and reinforced.

  1. Avoid the use of unsecured wi-fi networks

Another essential step is to ensure that all employees have access to guidelines regarding the use of public wi-fi. These should mandate the use of a corporate virtual private network (VPN) and utilize two-factor authentication.

  1. Implement policies for personal use of company devices

Personal use of company devices can also expose cyber-vulnerabilities, driving a need to implement or confirm policies on utilizing company laptops and other devices for personal use. As more employees work from home, the crossover between work and personal activities is likely to increase.

  1. Secure equipment and update other policies

Remote workers tend to use a variety of software and hardware that may differ from the IT that has been approved by corporate IT. This can also cause vulnerabilities. Policies and procedures for securing equipment and receiving permission for new software should be in place – and broadly communicated.

In conclusion, cybersecurity, a high priority at all times, is more pressing than ever during the COVID-19 pandemic. Let CybetaTM work with you to protect your organization’s IT infrastructure, build resilience and ensure you can operate ‘business as usual’ during these definitively unusual times.

Talk to us about how to protect your IT infrastructure. Contact Josh Berg or Dane Connell, Founding Members of Cybeta on Josh.Berg@cybeta.com and Dane.Connell@cybeta.com

About Cybeta

Founded in 2019, CybetaTM offers a suite of Cybersecurity products and services designed to help you keep your business off the Cyber ‘X’. Based on decades of detecting and thwarting the activities of even the most advanced attackers, CybetaTM delivers the substantive intelligence you need to make preemptive strategic and operational decisions. Think in terms of over-the-horizon visibility coupled with enhanced peripheral vision.