According to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), as more employees are now working from home, or teleworking, vulnerabilities are being found with regard to VPNs and phishing attacks.
“As organizations use VPNs for telework,” CISA notes, “more vulnerabilities are being found and targeted by malicious cyber actors.” What’s more, seeing as these VPNs are running 24/7, businesses are less likely to keep them updated with the latest security patches and updates.
Furthermore, organizations may have a limited number of VPN connections, after which point no other employee can connect in order to telework. “With decreased availability, critical business operations may suffer, including IT security personnel’s ability to perform cybersecurity tasks.”
CISA warns that malicious cyber actors may increase phishing emails targeting employees working from home in order to steal their usernames and passwords. The agency goes on to recommend that organizations use multi-factor authentication (MFA) for remote access, as systems that do not use it are more susceptible to these phishing attacks.
It’s also important to note that hackers are using concerns over coronavirus to prey on individuals, exploiting fears to tempt people to click on malicious links and download computer viruses. In fact, cyber group Check Point found that cyber criminals are using concerns around coronavirus to push spam out, and that coronavirus-themed domains are 50% more likely to be malicious than other domains.
What You Can Do to Work from Home Securely
For organizations, CISA suggests that VPNs, network infrastructure devices, and devices being used to log into work environments remotely be updated regularly with the latest software patches and security configurations. Additionally, multi-factor authentication should be implemented on all VPN connections.
For employees, if MFA is currently not being used at your organization, you should be using strong passwords. You should also be alert to an increase in phishing attempts during these times, especially those specifically related to coronavirus.
For IT security personnel, make sure you “test VPN limitations to prepare for mass usage and, if possible, implement modifications—such as rate limiting—to prioritize users that will require higher bandwidths.” CISA also recommends that IT security personnel be prepared to ramp up remote access cybersecurity tasks, including attack detection, incident response and recovery, and log review.
If you’ve already experienced or come across malware, phishing scams, or other cybersecurity concerns, you can report these types of incidents to CISA.