FEATURE
With the remote working trend on the rise due to the Coronavirus ( COVID-19 ) pandemic , many IT managers and corporate leaders have naturally been concerned about the challenges of securing employee ’ s access to the corporate network .
Given the precipitous nature of the pandemic , organisations have had very little time to prepare for such large-scale remote work , let alone think about how to secure ‘ work from home ’ users . These remote workers still need to access enterprise applications in the cloud and work with and store corporate data on their devices .
Think outside the perimeter – Security challenges of working from home
Security teams now have to think about how to continue to protect corporate resources and data , when most of their
To take advantage of the chaotic nature of these times , bad actors and hackers have been busy launching Coronavirusthemed cyberattacks and weaponising well-known websites that try to provide useful , timely information for the general
Cybercriminals are moving to lookalike domains to fool victims in their efforts to impersonate the target organisation or brand .
public . COVID-19 has become the subject line of choice for phishing / spearphishing campaigns that seek to take advantage of the heightened level of fear and concern . Let ’ s take a look at some rising threats that we could encounter .
Rising threat # 1 – Coronavirusrelated malware campaigns
Krupa Srivatsan , Director , Cybersecurity Product Marketing at Infoblox
employees are not within the corporate perimeter . The existing security stack within the corporate network is no longer sufficient to protect these teleworkers .
In addition , teleworking exposes a much broader attack surface as workers use BYOD devices and mobile devices that share home and public Wi-Fi networks , often with a much larger variety of Internet of Things ( IoT ) devices than found in a typical work environment . Public Wi-Fi networks present a higher probability that authentication and credentials may accidentally be compromised .
During March last year , our cyber intelligence unit noted that LokiBot infostealer joined the list of malware campaigns being distributed by cybercriminals taking advantage of the fear and interest in the spread of Coronavirus . We observed two malicious spam email campaigns distributing LokiBot under the guise of providing information on the Coronavirus impact to supply chains .
LokiBot has become popular with cybercriminals as an information stealer that collects credentials and security tokens from infected machines . LokiBot targets multiple applications , including but not limited to Mozilla Firefox , Google Chrome , Thunderbird , as well as FTP .
The email messages of the primary campaign had two subject lines , one of which alleged to be a supply chain www . intelligentciso . com
37