With almost the same swiftness as the COVID-19 Coronavirus itself striking the various countries of the world, the cyber criminals began a new series of attacks of their own in which they sought to take advantage of the changes in technology and workplace etiquette that businesses were using during their strict conformity to governmental standards that required them to be 'physically closed'. Many businesses were not prepared in the least for the requirements of remote work environments, and the additional security required to conduct such work in a manner that would guarantee the protection of their data.
Most employees did not have the technical resources to work from home successfully in a safe manner, they relied upon internet that was designed for personal use such as gaming or broadband download services for things like television or other streaming media. The excessive data loads of corporate work flowing into and out of their homes, coupled with the added security needs simply was not ever a consideration.
Even worse many employees working from home may have relied upon a WiFi service which had almost no security. For example it may have served several apartments in a multi-unit apartment complex, or perhaps was so poorly configured that several neighboring houses were actually tapped in using one person's internet without them knowing.
All of these vulnerabilities at the 'employee end' were just half of the kind of ripe access that cyber criminals were looking for, but they were also seeking the other end of the pipeline. You see many companies failed to provide adequate security for multiple inbound internet connections to their networks as well. They may have had one or two configured routes set up for specific users who needed 'Remote Desktop', but suddenly everyone in the office was now needing to gain access to the office network.
In a hurried attempt to provide this kind of remote service far too many businesses did a sloppy job and left themselves highly vulnerable to cyber attack. Accordingly, the rapid transition to a remote workforce as a result of COVID-19 has given rise to an onslaught of cybersecurity challenges.
Businesses small and large all have the same problems. While it is true that 'enterprise' sized organizations are more likely to have been better prepared, even many of those were relying on older technologies that were implemented long before COVID-19 and were not designed for essentially 100% of their employees to be working remotely. Most very small businesses had no remote access capabilities and rushed to put some solution, any solution, and in many cases the wrong solution(s) in place to simply get some type of access available.
Again the result was 'inadequate cyber security' and increased cyber attack vulnerability. As COVID-19 continued and the pandemic spread cyber adversaries first began and then actively expanded their threats. Threat actor mechanisms old and new like 'phishing' took both old and new forms.
For example, what better way to 'go phishing' then to play upon the fears associated with the COVID-19 pandemic itself. As a result cyber criminals were soon disseminating phishing emails that appeared to be from official organizations such as the Center for Disease Control, or State Health Departments telling people there was evidence they had been exposed, and asking them to 'click on a link' and provide essential information to verify their identification so they could be matched with known victims of COVID-19.
Another threat was a 'trickbot' called 'Mummyspider' that used a public health looking communication in an attempt to trick readers to download and unknowingly install a ransomware application.
But as I mentioned in the start of this article, one of the biggest threats was geared toward targeting 'remote access' and 'remote services' related to providing connectivity between employees working at home and a company's office computers. These threats focuses on the vulnerabilities of inadequate security down to the smallest break in Remote Desktop Protocol.
As the requirements for continuing 'remote' services are likely to continue, and traditional workplace design may in fact never return to the way it was 100%, it is essential that every business have enhanced information technology services and security. I encourage you to retain the services of professional information technology support including security services before another day goes by.