Written by International Compliance Association on Saturday April 11, 2020
According to Cynet, findings from an analysis of aggregate customer data in the region found that “companies with higher instances of the virus, and that have quarantined or instructed employees to work from home, are now experiencing a sharp rise in both phishing attacks that target remote user credentials and include weaponized e-mail attacks.”
“Remote workers have become a weak link that threat actors are targeting and that user credentials in offsite computing (home) environments are increasingly at risk, especially in regions with escalating cases of COVID-19.” - Cynet report
The analysis focused on multiple organizations in Italy and shows a distinct spike in remote worker phishing attacks. “This indicates that remote workers have become a weak link that threat actors are targeting and that user credentials in offsite computing (home) environments are increasingly at risk, especially in regions with escalating cases of COVID-19,” Cynet said.
This spike is coupled by a similar increase in anomalous remote login attempts flagged by Cynet as malicious. Cynet said it has also observed a “sharp rise in weaponized email attacks. As personal computers lack enterprise-grade email security and advanced endpoint protection, they are significantly less secure and more vulnerable to malware, exploits, Macros and other malicious executables.”
According to the findings, 21 percent of personal computer email systems featured simplistic attacks, with a link to download a malicious executable embedded in the email body. The remaining attacks were more advanced and included malicious macros (32 percent) and exploits or redirection to malicious websites (35 percent)—a challenge that surpasses the capabilities of most home devices’ anti-virus and email protection solutions.
More than 40 percent of these attacks were limited by behavioral analysis, while nearly 30 percent were stopped by machine-learning static analysis. Another 20 percent were halted using memory monitoring, and 10 percent were identified and blocked using their signature. “The fact that only 10% of the malware attacks were identified by their signature indicates that the attackers behind these campaigns are using advanced attacking tools to take advantage of the employees working in non-secure home computing environments,” said Cynet CEO and Co-Founder Eyal Gruner.
Gruner recommended that employees be provided with “enhanced offsite security and support to protect malicious access to sensitive IT systems and data.” It’s also critical, he said, that business security teams are functioning properly, even with missing team members in quarantine.
This article has been republished with permission from Compliance Week, a US-based information service on corporate governance, risk, and compliance. Compliance Week is a sister company to the International Compliance Association. Both organisations are under the umbrella of Wilmington plc. To read more visit www.complianceweek.com
Thank you. Your comment is awaiting moderation and should appear on the site shortly.
Required fields are not completed, please ensure all required fields (*) have been filled in properly.
You can leave the name empty should you wish to remain Anonymous.