Hacking against corporations surges as workers take computers home

Hacking against corporations surges as workers take computers home

Hacking activity against businesses in the United States and other countries more than doubled from a number of measures last month, as digital thieves took advantage of the security weakened by pandemic work-from-home policies, researchers said. Corporate security teams have a harder time protecting data when they are distributed to home computers with widely varying settings and to corporate computers that connect remotely, experts said.

Even those remote workers who use virtual private networks (VPNs) that establish secure digital traffic tunnels are contributing to the problem, officials and researchers said. Software and security company VMware Carbon Black said this week that the ransomware attacks monitored in March were up 148% from the previous month as governments worldwide have curbed the movement to spread the new corona virus, that has killed more than 130,000.

“There is a digital historical event happening in the background of this pandemic, which is a cybercrime pandemic,” said Tom Kellermann, VMware cyber security strategist. “Frankly, it’s just easier to hack an external user than someone who is in their corporate environment.”

Several others echoed the finding. Tonya Ugoretz, a senior cyber officer at the FBI, told an online audience on Thursday that incoming reports of hacking during the outbreak had tripled or quadrupled. Rob Lefferts, cybersecurity manager at Microsoft, said his company saw an increase in the number of digital breaches in the same places where the disease spread most quickly.

“The number of successful attacks is related to the volume of the virus impact,” he said, adding that many malicious actors seemed to chase the confusion and fear of tricking users into giving up their credentials. “Those attacks are more successful because people are more scared,” he said.

Changes in corporate networks that are distorted by the homework policy can also make life easier for attackers. Using data from U.S.-based Team Cymru, which has sensors with access to millions of networks, researchers at Finnish Arctic Security found that the number of networks with malicious activity more than doubled in March in the United States and many European countries in compared to January, shortly after the virus was first reported in China.

The biggest jump in volume came when computers responded to scans when they shouldn’t have. Such scans often look for vulnerable software that would allow deeper attacks. The researchers plan to publish their findings by country next week.

Secure communication rules, such as banning connections to unquestionable web addresses, are often less enforced when users take computers home, said Arctic analyst Lari Huttunen. This means that previously safe networks can become visible. In many cases, corporate firewalls and security policies had protected machines infected with viruses or targeted malware, he said. Outside the office, that protection can decrease significantly, allowing infected machines to communicate with the original hackers again.

That’s compounded because the surge in VPN volume has led some stressed tech departments to allow a less stringent security policy. “Everyone is trying to maintain these connections, and security checks or filtering are not keeping up with these levels,” said Huttunen.

The U.S. Department of Homeland Security (DHS) cybersecurity agency agreed this week that VPNs bring a host of new issues. “As organizations use VPNs for telecommuting, vulnerabilities are increasingly being discovered and attacked by malicious cyber actors,” wrote DHS’s Cybersecurity and Infrastructure Security Agency.

The agency said it’s more difficult to keep VPNs up to date with security solutions because they are used at all times, rather than on a schedule that allows for routine installations during daily boot-ups or shutdowns. Even vigilant home users can have problems with VPNs. The DHS agency said on Thursday that some hackers who broke into Pulse Secure VPNs from San Jose before patches were available a year ago had used other programs to maintain that access.

Other security experts said that financially motivated hackers used pandemic fears as bait and reused existing rogue programs such as ransomware, which encrypt a target’s data and demand payment for its release.

(This story has not been edited by staff and is automatically generated from a syndicated feed.)

News

Disclaimer: If you need to edit or update this news from compsmag then kindly contact us Learn more

For Latest News Follow us on Google News


Latest Headlines
  • Show all
  • Trending News
  • Popular By week
For a unique refereeing milestone, FIFA and the Maurice Revello Tournament have teamed up
For a unique refereeing milestone, FIFA and the Maurice Revello Tournament have teamed up
The initiative is part of FIFA’s Road to Australia/New Zealand project, to prepare referees for the next FIFA Women’s World Cup. Most recently, another ...
Godzilla and Titans, an original series based on the Monsterverse, will be directed by Matthew Shakman, according to Apple TV+
Godzilla and Titans, an original series based on the Monsterverse, will be directed by Matthew Shakman, according to Apple TV+
Apple TV+ today revealed that Emmy Award-nominated director Matthew Shakman (“WandaVision,” upcoming “Star Trek” film, “The Great”) will direct the first two ...
For current-gen consoles, Super Impossible Road has a release date
For current-gen consoles, Super Impossible Road has a release date
If you’re not up to cosmic speed, the game is all about racing balls in space on vertigo-inducing tracks. The trailer below will provide more context on just ...
The Telangana government has approved a budget of Rs 100 crore for the Lawyers Welfare Fund, which will help 25,000 lawyers
The Telangana government has approved a budget of Rs 100 crore for the Lawyers Welfare Fund, which will help 25,000 lawyers
After the separation of state, the Telangana government fixed 100 crores rupees for the Advocate welfare. The government has formed ...
In Ukraine, the ICRC is willing to help evacuate through humanitarian corridors
In Ukraine, the ICRC is willing to help evacuate through humanitarian corridors
“We are very much committed to facilitating agreement , but the agreement and the consensus have to happen between the military on the ground who are in ...
The Xbox Game Pass release date for Assassin’s Creed Origins has been set
The Xbox Game Pass release date for Assassin’s Creed Origins has been set
For Honor: Marching Fire joins Xbox Game Pass, PC Game Pass, and Xbox Cloud Gaming on June 1st. As it stands, For Honor is already included with the ...
The Callisto Protocol, an upcoming horror game, has released its first screenshot
The Callisto Protocol, an upcoming horror game, has released its first screenshot
KRAFTON has stated that it plans to release the game in the second half of 2022. Realistically, though, we should expect it to hit the streets in 2023. ...
Aluminum Stocks Hit a Record Low and the Bears Didn't Blink
Aluminum Stocks Hit a Record Low and the Bears Didn’t Blink
On-warrant aluminum inventories dropped 9.7% to 260,275 tonnes, surpassing a previous low set in 2000, to hit a record in data going back to 1997. Stockpiles ...
In a forgery scheme, a judge sentenced former MIT business professor John Donovan Sr.  to two years in prison
In a forgery scheme, a judge sentenced former MIT business professor John Donovan Sr. to two years in prison
According to authorities, Essex Superior Court Judge Salim Tabit sentenced the defendant, John Donovan Sr., 80, of Hamilton, to two to two and a half years ...
Apple Car may not have windows, according to Apple's strangest rumor of the year
Apple Car may not have windows, according to Apple’s strangest rumor of the year
What probably caught people’s eye, though, was the accompanying graphic — a concept image of an Apple Car that actually dates back to a December 2020 post on ...
Show next
We will be happy to hear your thoughts

Leave a reply

Compsmag - Latest News In Tech and Business
Logo