The Risks Of Remote Working

A large numbers of firms are sending out work-from-home policies with the aim to limit the risks of the coronavirus and cyber security experts are now saying that remote workplace setups are encouraging new hacking attacks. 

The FBI has issued a statement about fraud related to the virus, particularly by scammers posing as official health agencies and other seemingly offical organisations  

“Scammers are leveraging the COVID-19 pandemic to steal your money, your personal information, or both. Don’t let them....Protect yourself and do your research before clicking on links purporting to provide information on the virus; donating to a charity online or through social media; contributing to a crowdfunding campaign; purchasing products online; or giving up your personal information in order to receive money or other benefits.”

The FBI advice is to carefully check and don’t open or respond to Fake Disease Control and Prevention emails, Phishing emails apparently from the government asking for your personal information and Counterfeit Treatments or Equipment that talks about prevention or treatment of the virus.

Recently, a hacking group tried to break into the World Health Organisation (WHO). The breach was discovered by Alexander Urbelis, a hacker-turned-information-security lawyer who founded the New York Blackstone Law Group. Although Urbelis can't be certain about the identity of the hackers, he says the group replicated a portal used by remote World Health Oragisations (WHO) employees that he describes as "very, very convincing."

Cyber Attack Targeting WHO
The group that targeted the WHO, has been watched for quite a while and it appears that the group has reawakened or reactivated some of its infrastructure. There are some indications that a group by the name of DarkHotel, first identified by the experts at Kaspersky, known for targeting hotel guests and Wi-Fi networks, may be responsible for this particular type of attack.

Their attacks are elegant and well researched. The attackers perform a significant amount of reconnaissance on the configurations and the systems and they carefully create portals that look exactly like the victims' portals.

That's was what was seen with the WHO on the 13th of March. A URL, a Web address, was created and put together that exactly mirrored the doorway to World Health Organisation's internal file systems. So it was the external link to the internal file systems, that portal that remote employees would use to access the WHO, let's say if they were working from home and that's what this group had replicated.

This group not only replicate the portals of the WHO, but major research universities and many other intergovernmental organisations like the WHO.  In fact, the same day that the WHO was targeted by this particular group, they also targeted certain components of the United Nations

The DarkHotel hackers have the chracteristics of being a state-sponsored or state-affiliate group. That means that they could be considered as an APT, an advanced persistent threat, essentially a force to be reckoned with.

Reuters:         FBI:        NPR      NetNebraska

You Might Also Read: 

Stay Cyber-Secure Working From Home:

 

« An 'Infodemic' Of Phishing & Malware
Supporting British Healthcare Cybersecurity During COVID-19 »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Cortado Mobile Solutions

Cortado Mobile Solutions

Cortado Mobile Solutions is the manufacturer of the mobile device management solution Cortado MDM.

Leviathan Security Group

Leviathan Security Group

Leviathan provides a broad set of information security services ranging from low-level technical engineering to strategic business consulting.

Inky Technology Corp

Inky Technology Corp

Inky® Phish Fence is an email protection gateway that uses sophisticated AI, machine learning and computer vision algorithms to block deep sea phishing attacks that get through every other system.

Aricoma

Aricoma

Aricoma are Architects of Digital. We aim to become a major player in end-to-end IT services and digital transformation in Europe.

SGBox

SGBox

SGBox is a highly flexible and scalable solution for IT security. Choose the modules which your company needs and implement it without any modification to your network infrastructure.

Ultratec

Ultratec

Ultratec provide a range of data centric services and solutions including data recovery, data erasure, data destruction and full IT Asset Disposal (ITAD).

Lewis Brisbois

Lewis Brisbois

Lewis Brisbois offers legal practice in more than 40 specialties, and a multitude of sub-specialties including Data Privacy & Cybersecurity.

Aristi Labs

Aristi Labs

Aristi Labs provides comprehensive security solutions to help businesses protect data and intellectual property, minimizing downtime and maximizing productivity.

SterlingRisk Programs

SterlingRisk Programs

SterlingRisk’s Cyber practice brings experience working with a wide array of clients across a broad spectrum of industries.

Tromzo

Tromzo

Tromzo's mission is to eliminate the friction between developers and security so you can scale your application security program.

Moro Hub

Moro Hub

Moro Hub, a subsidiary of Digital DEWA, is a UAE-based digital data hub focused on digital transformation and operational services.

Intelligent CloudCare

Intelligent CloudCare

Intelligent CloudCare, a division of IPS, is a full IT Services provider serving the needs of SMBs in the metropolitan New York City region.

MiC Talent Solutions

MiC Talent Solutions

MiC Talent Solutions provides recruiting, direct hire, augmented staff, and professional service contracting solutions for organizations searching for minority cybersecurity talent.

Saidot

Saidot

Saidot is a Finnish AI governance and alignment company committed to helping businesses safely and transparently integrate AI into their operations.

BCX

BCX

BCX, a subsidiary within Telkom Group, is one of Africa’s largest systems integrator and digital transformation partners for enterprises and public sector organisations.

OrbiSky Systems

OrbiSky Systems

OrbiSky Systems is a British tech startup specializing in data management and cybersecurity solutions.