The Risks Of Remote Working

A large numbers of firms are sending out work-from-home policies with the aim to limit the risks of the coronavirus and cyber security experts are now saying that remote workplace setups are encouraging new hacking attacks. 

The FBI has issued a statement about fraud related to the virus, particularly by scammers posing as official health agencies and other seemingly offical organisations  

“Scammers are leveraging the COVID-19 pandemic to steal your money, your personal information, or both. Don’t let them....Protect yourself and do your research before clicking on links purporting to provide information on the virus; donating to a charity online or through social media; contributing to a crowdfunding campaign; purchasing products online; or giving up your personal information in order to receive money or other benefits.”

The FBI advice is to carefully check and don’t open or respond to Fake Disease Control and Prevention emails, Phishing emails apparently from the government asking for your personal information and Counterfeit Treatments or Equipment that talks about prevention or treatment of the virus.

Recently, a hacking group tried to break into the World Health Organisation (WHO). The breach was discovered by Alexander Urbelis, a hacker-turned-information-security lawyer who founded the New York Blackstone Law Group. Although Urbelis can't be certain about the identity of the hackers, he says the group replicated a portal used by remote World Health Oragisations (WHO) employees that he describes as "very, very convincing."

Cyber Attack Targeting WHO
The group that targeted the WHO, has been watched for quite a while and it appears that the group has reawakened or reactivated some of its infrastructure. There are some indications that a group by the name of DarkHotel, first identified by the experts at Kaspersky, known for targeting hotel guests and Wi-Fi networks, may be responsible for this particular type of attack.

Their attacks are elegant and well researched. The attackers perform a significant amount of reconnaissance on the configurations and the systems and they carefully create portals that look exactly like the victims' portals.

That's was what was seen with the WHO on the 13th of March. A URL, a Web address, was created and put together that exactly mirrored the doorway to World Health Organisation's internal file systems. So it was the external link to the internal file systems, that portal that remote employees would use to access the WHO, let's say if they were working from home and that's what this group had replicated.

This group not only replicate the portals of the WHO, but major research universities and many other intergovernmental organisations like the WHO.  In fact, the same day that the WHO was targeted by this particular group, they also targeted certain components of the United Nations

The DarkHotel hackers have the chracteristics of being a state-sponsored or state-affiliate group. That means that they could be considered as an APT, an advanced persistent threat, essentially a force to be reckoned with.

Reuters:         FBI:        NPR      NetNebraska

You Might Also Read: 

Stay Cyber-Secure Working From Home:

 

« An 'Infodemic' Of Phishing & Malware
Supporting British Healthcare Cybersecurity During COVID-19 »

Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Free Access: Cyber Security Supplier Directory listing 5,000+ specialist service providers.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

eBook: Practical Guide to Security in the AWS Cloud

eBook: Practical Guide to Security in the AWS Cloud

AWS Marketplace would like to present you with a digital copy of the new book, Practical Guide to Security in the AWS Cloud, by the SANS Institute.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

WEBINAR: How to fuel your DevSecOps in AWS

WEBINAR: How to fuel your DevSecOps in AWS

Thursday, May 20, 2021 - In this webinar, SANS and AWS Marketplace will discuss how to build a strategy that encompasses visibility and automation for the DevSecOps pipeline in AWS.

Threatpost

Threatpost

Threatpost, is an independent news site which is a leading source of information about IT and business security.

Aqua Security Software

Aqua Security Software

Aqua Security helps enterprises secure their cloud native applications from development to production, whether they run using containers, serverless, or virtual machines.

CONCERT

CONCERT

CONCERT is a Computer Emergency Response Team and cyber security information sharing network for companies, institutes and government in Korea.

GreyCampus

GreyCampus

GreyCampus is a leading provider of training for working professionals in the areas of Project Management, Big Data, Data Science, Service Management, Quality Management and Information Security.

Digital Transformation EXPO

Digital Transformation EXPO

Digital Transformation EXPO is a new mega event encompassing the IP EXPO event series, the global Cyber Security X event series and the new Ai-Analytics series.

TalaTek

TalaTek

TalaTek is a full-service risk management firm providing expert services in risk management, cybersecurity, and compliance.

Netragard

Netragard

Netragard has an established reputation for providing high-quality offensive and defensive security services.

Axio Global

Axio Global

Axio is a leading cyber risk management SaaS company. Our Axio360 platform gives companies visibility to their cyber risk, and enables them to prioritize investments to protect their business.