Hackers Are Exploiting Remote Workers

In the shadowy world of cybercrime, the coronavirus emergency is seen as a big opportunity.  Experts are warning of a new wave of cyber attacks targeting those who are forced to work from home during the coronavirus outbreak. There is increasing evidence that hackers are using the concerns over the virus to prey on individuals and that working outside secure office environments opens the door to more cyber vulnerabilities. 

Periods of change and transition create new vectors of attack, new exposure surfaces to exploit, and new ways to steal the personal data of employees or the trade secrets of companies.

Experts say that cyber criminals are devising ways of taking advantage of millions of employees transitioning to work-from-home situations. They know that employees will be connecting to their companies’ servers and other resources in a very different way. They are also aware that many employees will be doing their work on computers normally used for personal affairs, and that other workers will rely more on their mobile devices in the absence of a work computer.

The US Cybersecurity and Infrastructure Security Agency (CISA) has urged that organisations keep their systems updated and patched and be transparent with employees about the dangers of malicious emails, particularly those that use coronavirus fears to tempt individuals to click on them and download computer viruses.

In Britian the National Cyber Security Centre (NCSC), UK, has issued a security advisory, urging those who use smart cameras and baby monitors in the home to take the steps necessary to protect their devices from cyber criminals.

Similar to large parts of the world at present much of Israeli public are working from home under movement restrictions following the government directives ordering non-essential workers to stay home to stem the spread of the coronavirus. Officials there say criminals are using telephone ‘phishing’ attacks to try to access company login credentials and the Israeli National Cyber Authority has warned the public of an increased danger of hacking attacks as more Israelis work from home amid the coronavirus outbreak. 

They specifically warned of so-called voice phishing or “vishing” attacks, a type of phone fraud where criminals scam victims into giving up private information, usually for identity theft. Phishing attacks are carried out via email or other online communication.

In attacks that took place this week in Israel, workers received phone calls that appeared to be from their companies’ computer departments asking for their usernames and passwords. The hackers aim to infiltrate the firms to gain information for leaks, access encrypted files, destroy information or cause other damage to the organization or its employees, the cyber authority said.

An Israeli financial company has resited an attempted hacking of its employees when some of the firm’s workers received calls purportedly from its technical department asking in Hebrew for usernames and passwords to the company’s virtual private network. 

The Israeli National Cyber Authority which recommends that companies raise awareness among their workers, and use two-step and multi-channel authentication measures. In recent weeks the authority has warned several times of fraud online amid the pandemic, saying it has identified over 5,000 suspicious coronavirus-related websites.

Israeli National Cyber Directorate:     Times of Israel:     SC Magazine:     Fast Company:      The Hill:   


You Might Also Read: 

Remote Working Is On Suddenly On Trend:

 

 

 

« New Guidelines For Maritime Cyber Security
London’s National Gallery Hit With 2 Million Attacks »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

8MAN

8MAN

8MAN is a leading Access Rights Management (ARM) solution in Microsoft and virtual server environments.

Nation-E

Nation-E

Nation-E offers innovative cyber security solutions for industrial installations, critical infrastructure and smart grids.

Sequitur Labs

Sequitur Labs

Sequitur Labs is developing seminal technologies and solutions to secure and manage connected devices of today and in the future.

VMRay

VMRay

VMRay delivers advanced threat analysis and detection that combines a unique agentless hypervisor-based network sandbox with a real-time reputation engine.

Global Cyber Alliance (GCA)

Global Cyber Alliance (GCA)

Global Cyber Alliance is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world.

ZEBOX

ZEBOX

ZEBOX is an international incubator & accelerator of innovative startups. Focus is on Transport/Logistics and Industry X.0 including technologies such as AI, Blockchain and Cybersecurity.

C11 Cyber Security & Digital Innovation Centre

C11 Cyber Security & Digital Innovation Centre

C11 is working with local and national partners to develop talent and bring brilliant minds and brilliant businesses together.

ColorTokens

ColorTokens

ColorTokens Xtended ZeroTrust Platform protects from the inside out with unified visibility, micro-segmentation, zero-trust network access, cloud workload and endpoint protection.

Focal Point

Focal Point

We aspire to be the focal point for Medium and Small size companies providing 24/7 cyber security advice, services and solutions.

ClassNK Consulting Service (NKCS)

ClassNK Consulting Service (NKCS)

ClassNK Consulting provides consulting services to the maritime industry with a focus on safety, security and compliance.

Cyber Range Solutions (CRS)

Cyber Range Solutions (CRS)

CRS provides cyber security training and improve security team performance by providing a hyper realistic, virtual training environment.

Q5id

Q5id

At Q5id, we prove that your customers' digital identity and real-world identity are the same, our verification and authentication solution delivers a Proven and Secure digital identity for everyone.

Nicoll Curtin

Nicoll Curtin

Nicoll Curtin is a global company with over 20 years of experience in connecting outstanding talent with industry leading companies within Technology, Change and Cyber Security.

JLS Technology

JLS Technology

Since 2007, JLS Tech has been recognized as one of the world’s most innovative cybersecurity and technology operations leaders.

MergeBase

MergeBase

Reduce software supply chain risk with MergeBase proven Software Composition Analysis (SCA).

Stern Cybersecurity

Stern Cybersecurity

Stern Cybersecurity offers a robust defense against the ever-evolving landscape of digital threats.