News & Views
As more and more employees are mandated to work from home, security and non-security professionals alike are left wondering what they can do to keep their data and systems safTo help with this, Tom Kellermann, Head Cybersecurity Strategist, VMware Carbon Black (www.carbonblack.com), and former cyber commissioner for President Obama, outlines the most prominent cyber threats and likely attack routes for hackers as well as practical tips for people working from home.
Q: How are cybercriminals exploiting people working from home and playing on their anxieties? What are the likely attack routes for hackers at this time?
A: We have seen attackers try to pollute coronavirus outbreak maps with malware; increased spear phishing email attack attempts, which attempt to prey on local outbreaks; and the global dissemination of disinformation regarding the virus. Cybercriminals are notoriously opportunistic and will rely on natural anxieties to meet their end goals. Additional vigilance is required for remote workers, many of whom are working from home for the first time.
We should expect a variety of attacks right now including opportunistic phishing attacks, credential theft, bitcoin theft, financial fraud, and ransomware campaigns. Attacks against home routers and VPNs will also increase throughout the coronavirus outbreak.
Q: What are the practical steps people working from home can take to improve their cybersecurity?
A: People working from home should be on high alert for spear phishing emails. When in doubt, pick up the phone and make a call to anyone sending an email (even from within your own company) to validate the email request, especially if there’s a link or an attachment. People should also update all software and applications. Home users can also bifurcate their routers by putting their work laptop on one network and all other devices on another. Password hygiene also becomes critical at a time like this. Passwords should be complex and hard to guess – think full sentences versus individual words. These employees should also work with their IT teams to make sure security software is deployed, functioning properly and up to date. With social distancing, public WiFi usage should be limited but it goes without saying that avoiding public internet access points, especially from work computers, is paramount.
Q: What are the best tips for businesses looking to improve cybersecurity across their organizations?
A: This all comes down to visibility. Security solutions should be giving security teams a full look at what’s occurring across the distributed enterprise so if anything is amiss, it can be flagged immediately. Businesses should also be conducting threat hunting exercises on a weekly basis using their visibility tools. Hackers are adept at circumventing legacy security solutions so understanding the native tools hackers are trying to use become a critical part of long-term security success.