The Risks Of Remote Working

Uploaded on 2020-04-08 in FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Resilience

A large numbers of firms are sending out work-from-home policies with the aim to limit the risks of the coronavirus and cyber security experts are now saying that remote workplace setups are encouraging new hacking attacks. 

The FBI has issued a statement about fraud related to the virus, particularly by scammers posing as official health agencies and other seemingly offical organisations  

“Scammers are leveraging the COVID-19 pandemic to steal your money, your personal information, or both. Don’t let them....Protect yourself and do your research before clicking on links purporting to provide information on the virus; donating to a charity online or through social media; contributing to a crowdfunding campaign; purchasing products online; or giving up your personal information in order to receive money or other benefits.”

The FBI advice is to carefully check and don’t open or respond to Fake Disease Control and Prevention emails, Phishing emails apparently from the government asking for your personal information and Counterfeit Treatments or Equipment that talks about prevention or treatment of the virus.

Recently, a hacking group tried to break into the World Health Organisation (WHO). The breach was discovered by Alexander Urbelis, a hacker-turned-information-security lawyer who founded the New York Blackstone Law Group. Although Urbelis can't be certain about the identity of the hackers, he says the group replicated a portal used by remote World Health Oragisations (WHO) employees that he describes as "very, very convincing."

Cyber Attack Targeting WHO
The group that targeted the WHO, has been watched for quite a while and it appears that the group has reawakened or reactivated some of its infrastructure. There are some indications that a group by the name of DarkHotel, first identified by the experts at Kaspersky, known for targeting hotel guests and Wi-Fi networks, may be responsible for this particular type of attack.

Their attacks are elegant and well researched. The attackers perform a significant amount of reconnaissance on the configurations and the systems and they carefully create portals that look exactly like the victims' portals.

That's was what was seen with the WHO on the 13th of March. A URL, a Web address, was created and put together that exactly mirrored the doorway to World Health Organisation's internal file systems. So it was the external link to the internal file systems, that portal that remote employees would use to access the WHO, let's say if they were working from home and that's what this group had replicated.

This group not only replicate the portals of the WHO, but major research universities and many other intergovernmental organisations like the WHO.  In fact, the same day that the WHO was targeted by this particular group, they also targeted certain components of the United Nations

The DarkHotel hackers have the chracteristics of being a state-sponsored or state-affiliate group. That means that they could be considered as an APT, an advanced persistent threat, essentially a force to be reckoned with.

Reuters:         FBI:        NPR      NetNebraska

You Might Also Read: 

Stay Cyber-Secure Working From Home:

 

« An 'Infodemic' Of Phishing & Malware
Supporting British Healthcare Cybersecurity During COVID-19 »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CW Jobs

CW Jobs

CWJobs.co.uk is a leading specialist IT recruitment website covering all areas of IT including Cyber Security.

a1qa

a1qa

a1qa specializes in the delivery of full-cycle software QA and application testing services.

CYBERPOL

CYBERPOL

CYBERPOL's mission is to facilitate the widest possible mutual assistance between all cyber crime law enforcement authorities to help mitigate global cyber threats.

Verlingue

Verlingue

Verlingue (formerly ICB Group) is a leading corporate insurance broker providing Insurance, Risk Management and related advice to businesses and private clients.

EdgeWave

EdgeWave

EdgeWave provides simple but highly effective data security and advanced threat protection in solutions that are affordable, scalable and easy to use.

Preempt Security

Preempt Security

The Preempt Platform delivers adaptive threat prevention that continuously preempts threats based on identity, behavior and risk.

Open Information Security Foundation (OISF)

Open Information Security Foundation (OISF)

OISF is a non-profit organization led by world-class security experts, programmers, and others dedicated to open source security technologies.

NAVEX Global

NAVEX Global

NAVEX Global’s compliance management system consolidates your entire GRC program onto a scalable cloud-based platform.

Bowbridge

Bowbridge

Bowbridge provides anti-virus and application security solutions for SAP systems.

RiskRecon

RiskRecon

RiskRecon makes it easy to gain deep, risk contextualized insight into the cybersecurity risk performance of all of your third parties.

Censys

Censys

Our customers rely on Censys data to get the global visibility they need of their attack surfaces in order to proactively prevent nation-state attacks and emerging threats.

Depth Security

Depth Security

Depth Security assessment services provide organizations with real-world visibility into threats facing their infrastructure and applications.

Networks Unlimited

Networks Unlimited

Networks Unlimited is a leading value-added distributor in Africa, providing technology solutions with a focus on security, networking, enterprise systems management and cloud technologies.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Anterix

Anterix

Anterix is focused on empowering the modernization of critical infrastructure and enterprise businesses by enabling private broadband connectivity.

Sababa Security

Sababa Security

Sababa Security is the first Italian innovation cyber security vendor, that provides security products, training, and managed services to protect diverse IT and OT environments.