The Risks Of Remote Working

Uploaded on 2020-04-08 in FREE TO VIEW, BUSINESS-Services-Law, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Resilience

A large numbers of firms are sending out work-from-home policies with the aim to limit the risks of the coronavirus and cyber security experts are now saying that remote workplace setups are encouraging new hacking attacks. 

The FBI has issued a statement about fraud related to the virus, particularly by scammers posing as official health agencies and other seemingly offical organisations  

“Scammers are leveraging the COVID-19 pandemic to steal your money, your personal information, or both. Don’t let them....Protect yourself and do your research before clicking on links purporting to provide information on the virus; donating to a charity online or through social media; contributing to a crowdfunding campaign; purchasing products online; or giving up your personal information in order to receive money or other benefits.”

The FBI advice is to carefully check and don’t open or respond to Fake Disease Control and Prevention emails, Phishing emails apparently from the government asking for your personal information and Counterfeit Treatments or Equipment that talks about prevention or treatment of the virus.

Recently, a hacking group tried to break into the World Health Organisation (WHO). The breach was discovered by Alexander Urbelis, a hacker-turned-information-security lawyer who founded the New York Blackstone Law Group. Although Urbelis can't be certain about the identity of the hackers, he says the group replicated a portal used by remote World Health Oragisations (WHO) employees that he describes as "very, very convincing."

Cyber Attack Targeting WHO
The group that targeted the WHO, has been watched for quite a while and it appears that the group has reawakened or reactivated some of its infrastructure. There are some indications that a group by the name of DarkHotel, first identified by the experts at Kaspersky, known for targeting hotel guests and Wi-Fi networks, may be responsible for this particular type of attack.

Their attacks are elegant and well researched. The attackers perform a significant amount of reconnaissance on the configurations and the systems and they carefully create portals that look exactly like the victims' portals.

That's was what was seen with the WHO on the 13th of March. A URL, a Web address, was created and put together that exactly mirrored the doorway to World Health Organisation's internal file systems. So it was the external link to the internal file systems, that portal that remote employees would use to access the WHO, let's say if they were working from home and that's what this group had replicated.

This group not only replicate the portals of the WHO, but major research universities and many other intergovernmental organisations like the WHO.  In fact, the same day that the WHO was targeted by this particular group, they also targeted certain components of the United Nations

The DarkHotel hackers have the chracteristics of being a state-sponsored or state-affiliate group. That means that they could be considered as an APT, an advanced persistent threat, essentially a force to be reckoned with.

Reuters:         FBI:        NPR      NetNebraska

You Might Also Read: 

Stay Cyber-Secure Working From Home:

 

« An 'Infodemic' Of Phishing & Malware
Supporting British Healthcare Cybersecurity During COVID-19 »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CloudInsure

CloudInsure

CloudInsure is a Cloud Insurance platform designed to specifically address emerging liabilities within the Cloud environment.

Original Software

Original Software

Original Software offers a test automation solution focused completely on the goal of effective software quality management.

NATO Communications and Information Agency (NCIA)

NATO Communications and Information Agency (NCIA)

The NCIA Cyber Security Service Line is responsible for planning and executing all life cycle management activities for cyber security.

Giesecke+Devrient (G+D)

Giesecke+Devrient (G+D)

Giesecke+Devrient develop security technologies in four major areas: enabling secure payment, providing trusted connectivity, safeguarding identities and protecting digital infrastructures.

Compass Security

Compass Security

Compass Security is a specialist IT Security consultancy firm based in Switzerland. Services include pentesting, security assessments, digital forensics and security training.

Zettaset

Zettaset

Zettaset’s XCrypt Data Encryption Platform delivers proven protection for Object, Relational/SQL, NoSQL, and Hadoop data stores…in the cloud and on-premises.

Romanian Association for Information Security Assurance (RAISA)

Romanian Association for Information Security Assurance (RAISA)

RAISA promotes and supports information security activities and creates a community for the exchange of knowledge between specialists, academic and corporate environment in Romania.

London Office for Rapid Cybersecurity Advancement (LORCA)

London Office for Rapid Cybersecurity Advancement (LORCA)

LORCA's mission is to support the most promising cyber security innovators in growing solutions to meet the most pressing industry challenges and build the UK’s international cyber security profile.

Applied Security (APSEC)

Applied Security (APSEC)

APSEC provides products and services in the areas of encryption, digital signature, authentication and data loss prevention.

Practical Assurance

Practical Assurance

Practical Assurance helps companies navigate the rough terrain of information security compliance.

Defensity

Defensity

Defensity offer bespoke & pre packaged IT Security Solutions for Small business to help companies reduce overall IT related risk.

Drawbridge

Drawbridge

Drawbridge is a premier provider of cybersecurity software and solutions to the alternative investment industry.

Commvault

Commvault

Commvault's data protection and information management solutions help companies protect, access and use all of their data, anywhere and anytime.

Buzz Cybersecurity

Buzz Cybersecurity

Buzz Cybersecurity systems and services are designed to proactively guard against common and uncommon cyber threats.

RIoT Secure

RIoT Secure

RIoT Secure AB is a technology enabler within the IoT industry - created with a vision to ensure security technology exists in the foundations of software development for IoT solutions.

M7 Services

M7 Services

M7 Services are a comprehensive Managed Services Provider (MSP) with a focus on delivering cutting-edge information technology solutions and unparalleled customer service.