Experts are warning of a new wave of cyberattacks targeting Americans who are forced to work from home during the coronavirus outbreak.
There is increasing evidence that hackers are using the concerns over the virus to prey on individuals and that working outside secure office environments opens the door to more cyber vulnerabilities.
“There are nation-states that are actively taking advantage of the situation, particularly our Cold War adversaries, and we need to be keenly aware that they are aware of the lack of security that is presented by everyone telecommuting,” Tom Kellermann, who served on a presidential cybersecurity commission during the Obama administration, told The Hill on Friday.
The Cybersecurity and Infrastructure Security Agency (CISA), the Department of Homeland Security’s cyber agency, underlined Kellermann’s concerns by issuing an alert on Friday pointing to specific cyber vulnerabilities around working from home versus the office.
CISA zeroed in on potential cyberattacks on virtual private networks (VPNs), which enable employees to access an organization’s files remotely.
These networks may make it easier to telecommute, but, according to CISA, they also open up a tempting way for hackers to get in.
“As organizations use VPNs for telework, more vulnerabilities are being found and targeted by malicious cyber actors,” CISA wrote. “Update VPNs, network infrastructure devices, and devices being used to remote into work environments with the latest software patches and security configurations.”
The agency also underlined the importance of flagging suspicious emails, noting that “malicious cyber actors may increase phishing emails targeting teleworkers to steal their usernames and passwords.”
CISA urged that organizations keep their systems updated and patched and be transparent with employees about the dangers of malicious emails, particularly those that use coronavirus fears to tempt individuals to click on them and download computer viruses.
Other state-level cybersecurity agencies also warned of the risks posed by working from home due to coronavirus concerns this week.
The New Jersey Cybersecurity and Communications Integration Cell put out an alert describing best practices to shore up cyber defenses and noting that this level of telecommuting is “unchartered territory” for many businesses.
The threat posed by malicious emails to those telecommuting, particularly those using their work devices, was backed up by research published this week by cyber group Check Point, which found that cyber criminals were using concerns around coronavirus to push spam out.
Check Point also found that just since January, more than 4,000 coronavirus-themed web domains have popped up, with the company estimating that around 5 percent were suspicious and 3 percent malicious. The websites would likely be used as part of email campaigns to lure victims to click on dangerous links.
That was backed up in recent findings by Kellermann, who currently serves as the head of cybersecurity strategy at cyber group VMware Carbon Black. He told The Hill that he has seen evidence that hackers have increasingly targeted executives of companies and other “powerful personalities” that are seen as vulnerable to attack due to working on less secure networks.
“There has been an uptick of targeted attacks against executives in conjunction with this pandemic,” Kellermann said. “When it comes to home security you are assuming your work laptop is secure, but you need to take steps on your own end.”
Another big vulnerability is hackers accessing sensitive data through Wi-Fi networks. Kellermann recommended that individuals working from home use separate networks for their work to further isolate data and to “stay away” from public Wi-Fi that has many people using it.
One way to fight back against these attacks is by ensuring the employees are aware of the threats they are facing and educating the workforce.
“Provide security awareness training for remote workers,” Matt Shelton, director of technology risk and threat intelligence at cybersecurity group FireEye, told The Hill. “Focus on physical security topics such using a privacy screen, limiting work on confidential material in public spaces and securing physical computing assets.”
But individuals working from home are not alone in fighting back against potential cyberattacks. Key industry groups are also taking action to address concerns around the security of networks.
USTelecom — The Broadband Association, which represents telecom groups including AT&T and Verizon, sent a letter to the leaders of the House Energy and Commerce and Senate Commerce committees on Friday pledging that internet providers were on top of network vulnerabilities.
“Internet service providers are on guard against malicious cyber actors who would use this emergency to take advantage of consumers through phishing schemes and other nefarious or criminal actions,” USTelecom President and CEO Jonathan Spalter wrote to lawmakers.
This commitment was underlined on Friday when the Federal Communications Commission announced a new initiative to ensure Americans have access to wireless networks during the coronavirus outbreak, including opening Wi-Fi hotspots and not terminating Wi-Fi networks if a customer does not pay their bill on time.
But beyond the commitment from these groups, Kellermann warned that there may be a role for Congress to play in ensuring that both cybersecurity officials and industry groups are fighting to prevent potential attacks and support network security.
“We need to provide greater funding to CISA and greater funding for cybersecurity of critical infrastructure,” Kellermann said. “At a minimum, maybe Congress can come to Jesus that this is patriotic imperative.”