in

The remote working rush is creating a playground for spies and cybercrooks

Hundreds of millions of people are now working from home as a result of the ongoing COVID-19 coronavirus outbreak.

Most organisations have a disaster recovery plan and a business continuity strategy in place to cope with the more predictable catastrophes, like a main office being unavailable for weeks or months. Far fewer are prepared for a crisis requiring social distancing and working from home for long periods on a massive scale.

Hence the rush to buy laptops and webcams and other equipment to kit out home offices – in many cases to get thousands of staff working from home in just a few days. As well as scrambling for hardware, firms of all sizes have had to find new ways of keeping teams connected by investing in new software and tools.

Security has not been forgotten in this rush. There are plenty of checklists of good security practice available, and plenty of advice on working from home securely. That includes knowing how to use a VPN (and how to make sure it’s up to date) and what to do when things go wrong.

But the rapid shift to remote working will inevitably create or exacerbate gaps in security. Employees using unfamiliar software will get settings wrong and leave themselves open to breaches. Staff forced to use their own ageing laptops from home will find their data to be less secure than those using modern equipment.

That’s a big problem because the security issues are not going away. For the last couple of months coronavirus-themed malware and phishing scams have been on the rise. Business email compromise scams – where crooks impersonate a CEO or other senior staff member and then try to trick workers into sending money to their accounts – could be made easier if staff primarily rely on email to communicate while at home.

Ransomware gangs haven’t slowed their efforts to penetrate business networks and encrypt data for cash. Staff working from home, struggling to manage their home and work lives, will be more distracted and may fall for tricks they would usually see through. All of these scams could prove costly to many businesses, and crooks have shown no restraint in pursuing their nefarious schemes during this crisis.

“With a huge number of people teleworking from home, often with outdated security systems, cybercriminals prey on the opportunity to take advantage of this surreal situation and focus even more on cybercriminal activities,” warns Europol.

A longer-term and bigger concern is state-backed espionage.

“COVID-19 has created — and continues to create — awe-inspiring intelligence collection opportunities,” Thomas Rid, Professor of Strategic Studies at Johns Hopkins University’s School of Advanced International Studies recently tweeted.

 “The virus is forcing an unprecedented number of leaders and managers to work from home, across all sectors, in business and in government, everywhere. Sensitive meetings of course didn’t stop; they moved to new platforms,” he said.

State-backed espionage campaigns have been continuing during this time — even if they too sometimes have to take a break during coronavirus lockdowns. All organisations need to think about the communications tools that are appropriate in different contexts. Make sure that someone understands the security implications and settings of the tools your teams are using. Make sure they understand the risks and the consequences.

Each of these threats develop in different ways over different time frames; malware might hit you immediately, but phishing campaigns can evolve into email compromise scams or ransomware demands over days or weeks. And it could be months or years (if ever) before the impacts of state-sponsored intrusions becomes apparent. 

We might be still be getting used to working from home but don’t expect spies or crooks to give us time to get ready before they come our way.

ZDNET’S MONDAY MORNING OPENER:

The Monday Morning Opener is our opening salvo for the week in tech. Since we run a global site, this editorial publishes on Monday at 8am AEST in Sydney, Australia, which is 6pm Eastern Time on Sunday in the US. It is written by a member of ZDNet’s global editorial board, which is comprised of our lead editors across Asia, Australia, Europe, and North America.


Source: Information Technologies - zdnet.com

Russian telco hijacks internet traffic for Google, AWS, Cloudflare, and others

Australian Digital Health Agency reveals two 'probable' instances of Medicare fraud