Organizations Must Address Cybersecurity Risks of Pandemic-Related Telework

In an alert issued on March 13^th, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) warned that hackers are targeting vulnerabilities introduced by remote working and virtual private network (VPN) technologies. As more employees work remotely due to the COVID-19 coronavirus pandemic, organizations’ remote access policies and subsequently, enforcement need to be closely examined.

The remote worker has a lot to worry about. The CISA warned of phishing emails attempting to steal user credentials from teleworkers. Other security experts have noted phishing attacks that prey on pandemic fears to dupe users into clicking on malicious links or attachments purportedly related to COVID-19. Some attacks are targeting company executives who are working outside their organization’s secure network perimeter.  Many remote workers will be forced to use their personal devices to connect to their corporate network.  It is imperative to ensure that your personal device is practicing good security hygiene.  A few items where the remote worker can help:

• Be sure that your password is complex or ask your IT department if you can use multi-factor authentication
• If you are using a personal device, then ensure the following:
  • Operating system and application patches are applied
  • Endpoint protection solution is installed, up to date, and running a regular scan
  • Only stay connected to VPN as long as you need to
  • Do not store sensitive data on your personal device any longer than required

SageNet’s partner Fortinet has some information on current cyber threats associated with the pandemic:
https://www.fortinet.com/blog/threat-research/attackers-taking-advantage-of-the-coronavirus-covid-19-media-frenzy.html

While the pandemic has suddenly forced many employees into working from home, telework is hardly new. In fact, the U.S. Census Bureau estimates that about 4.7 million Americans work remotely at least half the time. Telework has increased 159 percent since 2005 and continues to rise. This has led to an increasingly porous network perimeter that requires new security options.

One approach is the software-defined perimeter (SDP). An SDP uses granular network segmentation to restrict which areas of the network a user can access. This combines with strict authentication policies that look at location, time of day, device and other criteria as well as user identity to authenticate users. SDP makes it possible to eliminate VPNs in favor of a more robust, “zero trust” alternative — even when employees are using their own devices.

SageNet’s partner AppGate is offering a 90-day free trial of its SDP solution during the pandemic:
https://www.appgate.com/blog/software-defined-perimeter/employees-safe-connected-response-coronavirus

Organizations should also take steps to limit the risk associated with stolen credentials. Multifactor authentication can boost security by requiring two or more credentials in addition to a username to verify a user’s identity. Otherwise, if only a username and password are required, a hacker could gain access to corporate IT resources if those credentials were compromised.

Even with more robust security controls in place, end-user security awareness plays a critical role in preventing a cyberattack. Remote workers should be alerted to the increase in pandemic-related phishing attacks and provided with training so they can recognize phishing and other social engineering techniques. Security training is proven to reduce the risk that workers will click on a malicious link or attachment.

SageNet’s partner KnowBe4 has some great security awareness content for users:
https://blog.knowbe4.com/piling-on-exploiting-the-coronavirus-for-fraud-and-profit

Of course, remote workers should also do their part by keeping their devices and security software up to date, using only company-approved software, and ensuring that their routers and Wi-Fi connections are secure. They should also back up critical files regularly as a hedge against ransomware attacks.

Finally, organizations should examine how remote work can impact IT capabilities and implement crisis management procedures as appropriate. IT personnel should be prepared to monitor remote access and respond to any security incidents, and users should be advised who to call if an issue arises.

Any time there’s a crisis, criminals are ready to take advantage of it. The COVID-19 pandemic is no exception. SageNet is here to help you implement security controls to protect remote workers from cyberattack.