» INSIGHT
OVERCOMING ‘WORK FROM HOME’ SECURITY CHALLENGES
Krupa Srivatsan, Director, Cybersecurity Product Marketing at Infoblox writes about security beyond the VPN With the remote working trend on the rise due to the COVID-19 pandemic, many IT managers and corporate leaders have naturally been concerned about the challenges of securing employee’s access to the corporate network. Given the precipitous nature of the pandemic, organizations have had very little time to prepare for such large-scale remote work, let alone think about how to secure ‘work from home’ users. These remote workers still need to access enterprise applications in the cloud, and work with and store corporate data on their devices.
Think Outside the Perimeter – Security Challenges of Working from Home
Security teams now have to think about how to continue to protect corporate resources and data, when most of their employees are not within the corporate perimeter. The existing security stack within the corporate network is no longer sufficient to protect these teleworkers. In addition, teleworking exposes a much broader attack surface as workers use BYOD devices and mobile devices that share home and public Wi-Fi networks, often with a much larger variety of internet of things (IoT) devices than found in a typical work environment. Public Wi-Fi networks present a higher probability that authentication and credentials may be accidentally compromised.
34
CXO DX / FEBRUARY 2021
To take advantage of the chaotic nature of these times, bad actors and hackers have been busy launching coronavirus themed cyber-attacks and weaponizing well-known websites that try to provide useful, timely information for the general public. COVID-19 has become the subject line of choice for phishing/spear-phishing campaigns that seek to take advantage of the heightened level of fear and concern.
Let’s take a look at some rising threats that we could encounter.
Rising Threat #1 – Coronavirus Related Malware Campaigns During March last year, our cyber intelligence unit noted that LokiBot infostealer joined the list of malware campaigns being distributed by cybercriminals taking advantage of the fear and interest in the spread of Coronavirus (COVID-19). We observed two malicious spam email campaigns distributing LokiBot under the guise of providing information on the Coronavirus impact to supply chains. LokiBot has become popular with cybercriminals as an information stealer that collects credentials and security tokens from infected machines. LokiBot targets multiple applications, including but not limited to Mozilla Firefox, Google Chrome, Thunderbird, as well as FTP.
