Cybersecurity Focus: How to Make Remote Work Safer


Remote working is a long-standing trend in the business world, and it has reached unprecedented levels due to the coronavirus emergency. As a result, many companies have had to plunge into implementation remote work modelAnd as expected, this process is not always smooth.

One problem is that staff security is often sacrificed so that organizations can continue to operate as they did before the crisis. Unfortunately, this fact cannot be kept out of the spotlight of cybercriminals.

As a result, malicious actors have focused on finding vulnerabilities in common tools used for remote work, such as conferencing software and Virtual Private Network Solutions.

Malicious actors aim to snoop on sensitive communications or infect corporate networks with spyware or ransomware. To further enhance these efforts, they are also adjusting themes of phishing attacks according to employee concerns and pain points arising from pandemic and terrifying news such as that from the fronts of the Russo-Ukrainian war.

Below is a report on cybercrime tactics that focus on the remote working model and practical techniques for companies to evade these attacks.

VPN security needs an overhaul

While working outside the office, employees must maintain a stable and secure connection to the company’s computer networks. VPN is a vital tool that bridges the gap between workers and online communication against hackers.

Unfortunately, with remote workers increasingly relying on these tools to perform their duties, cybercriminals are busy exploring them in order to vulnerabilities.

Numerous security reports point to the growing threat of VPN exploits. Therefore, it is crucial to enhance the security of the remote work model and implement VPNs wisely these days. Here are the big risks in this regard:

  • Since VPN is one of the foundations of secure remote work, hackers have stepped up their efforts to discover and exploit new vulnerabilities in these solutions.
  • Businesses use VPNs 24/7, so it can be difficult for them to keep up with all the updates that offer the latest security patches and bug fixes.
  • Threat actors may increasingly carry out spearphishing (malicious Internet phishing) attacks that trick remote workers into revealing their authentication details.
  • Organizations that do not require their employees to use multifactor authentication for remote connections are more vulnerable to phishing attacks.
  • In an effort to save money, some administrators have configured their systems to support a limited number of simultaneous VPN connections. As a result, information security teams may fail to perform when VPN services are unavailable due to congestion at the network level.

Essentially, the adoption of remote work based on VPN technology leads to the fact that the average company’s security architecture often contains One point of failure. A criminal who successfully compromises VPN connections can gain disturbingly wide reach to target data assets.

Here are some additional food for thought. Some time ago, CISA Companies alerted for massively exploiting a sinister flaw in Pulse Secure VPN. This bug can trigger remote code execution attacks targeting enterprise networks.

One reported incursion involving this vulnerability was related to the distribution of the Sodinokibi ransomware virus, a strain specifically endemic to corporate networks.

If the appropriate patch was not applied, this deficiency allowed violators to turn off MFA and gain access to the network logs that maintain a cache of user credentials in plain text.

In response to the looming threat, security experts are recommending that organizations focus on increasing their VPN security practices to prevent the worst case scenario.

Here are some tips to help the company not become a moving target:

  • First, keep your VPN tools and network infrastructure devices updated. This recommendation also applies to devices (company issued or personal) that employees use to connect to corporate resources remotely. Proper updates and patch management ensure that the latest security configuration is in place.
  • Tell your teams the expected rise in phishing attacks so they can be extra careful with suspicious emails.
  • Ensure that the cyber security team is ready to handle remote access exploit scenarios through breach detection, log analysis, and incident response.
  • Use multifactor authentication for all VPN connections. If, for some reason, this rule cannot be enforced, make sure your team members use strong passwords to log in.
  • Check corporate VPN services for capacity limitations. Next, choose a reliable hosting service that can help take advantage of bandwidth limitations and ensure continuity of secure connections when you need them most.
  • An additional precaution is to test VPN functionality kill switch. This feature automatically terminates all web traffic if the secure connection is lost. This way, you can rest assured that data is not traveling over the public internet unencrypted.

Conferencing software is an outstanding fruit.

Similar to virtual private networks, the tools that enable virtual meetings have recently greatly expanded their reach. Not surprisingly, online scammers have stepped up their repertoire in terms of discovering and exploiting vulnerabilities in popular conferencing products.

The consequences of such a hack can be devastating as it sets the stage for large-scale eavesdropping.

US National Institute of Standards and Technology (NIST) Highlight the risks It stems from the misuse of virtual meeting tools. According to the agency, although most of these solutions come with basic security mechanisms, these features may not be enough to fend off privacy infringement.

Here’s a roundup of recommendations in this vein to stop hackers in their tracks:

  • Adhere to your company’s policies and guidelines that address security for virtual meetings.
  • Avoid reusing access tokens for web meetings. If you share it with too many people, confidential data is likely to be leaked beyond the intended number of individuals.
  • If you plan to discuss a highly confidential topic, consider using one-time personal identification numbers or unique meeting ID codes.
  • Make the most of the “waiting room” function that prevents a virtual meeting from starting until the conference host joins.
  • Tweak the settings, so that the app triggers notifications when new people join the web meeting. If this option is missing, the host must ask all participants to name themselves.
  • Utilize dashboard controls to keep up with attendees during the conference.
  • Refrain from recording the virtual meeting. If you really need to do this for future reference, be sure to encrypt the file and specify a passphrase to decrypt it.
  • Limit or ban the use of employee-owned devices for video conferencing.

Keep in mind that hackers aren’t the only ones who might want to snoop into virtual meetings. Disgruntled employees or fired employees who still have access to the company’s digital infrastructure may be tempted to obtain your proprietary data.

bottom line

The global increase in remote work is a natural part of business evolution. It is also an emergency response to new factors such as COVID-19. But, unfortunately, the “rough” implementation of remote work in many organizations has become the weakest link in their security.

In addition to thwarting the aforementioned risks related to VPN tools and virtual meetings, organizations must rethink and enhance their anti-phishing practices to avoid scams that rely on trendy news topics. Your employees should be suspicious of suspicious messages and think twice before clicking any links to them.

Remote work security is now more important than ever. This needs to change if this is not your organization’s top priority.

Featured image rights: Photography by Thirdman; pixels. Thank you!

Alex Vakulov

Alex Vakulov

Alex Vakulov is a cybersecurity researcher with over 20 years of experience analyzing malware. Alex has strong malware removal skills. He writes for several technology-related publications sharing his security expertise.



Source link

Related Posts

Precaliga