With remote workers reaching unprecedented levels during the COVID-19 pandemic, strengthening Wi-Fi access points and the devices that access them is becoming a necessity. Unfortunately, very little thought has been given to Wi-Fi in the security landscape leaving many people vulnerable to hackers. Before the onset of the COVID-19 pandemic, people were using public Wi-Fi for collaborating with co-workers, outside suppliers and customers, along with friends. What made public Wi-Fi so useful was that it was widely available and, more importantly, free. As of last year, there were a total of 362 million public Wi-Fi hotspots available around the globe.
Know the types of Wi-Fi attacks to watch out for.
The most often used attack for WIFI is
called Man-in-the-middle. Hackers use Man-in-the-middle to intercept data
packets as they travel from the person’s computer to the WIFI network. Think of
this as cyber-eaves dropping. The hacker has access to your files and can view
your messages. For a man-in-the-middle attack to work, the hacker needs to be
in the range of an unencrypted WIFI access point. Or has set up a rogue WIFI
access point that the unsuspecting person signs in on.
Do you ever go into a Starbucks to
work? You check for free WIFI, and you see two Starbucks access points available.
You don’t give it a second thought and click on the wrong one. Well, that’s an
Evil Twin situation, were the access point that looks legitimate, but isn’t.
One of the more famous Evil Twin
attacks happened during the 2016 Republican National Convention, where 1,200
attendees connected to the IVOTETRUMP! Hotspot.
AirCrack, Passive Sniffing,
Cowpathy and many more…
To prevent remote workers from these
types of attack methods, what’s needed is to look at security more
holistically. Many people, especially during this unique time, are unaware of
the risks of using unsecured Wi-Fi. The organizations that these people work
for also fail to take the proper precautions to protect remote workers wherever
they are located and the data they access.
Organizations need to think of the whole picture instead of letting their deployed devices out in the wild. Data should be protected behind a Firewall, the devices accessing the data should be monitored and protected with endpoint protection. Instead of installing an access point and walking away, think of WIFI-as-a-Service, that includes a wireless access point but does much more such as advanced security information and event analysis, real live threat detection and remediation.
Each step taken builds upon your organization’s security posture and keeps both your users and your data safe and secure.
Google released a stat this week that 39% of its workforce is away from its various offices in the U.S. In Canada, its 44%. Also, this week, research firm Gartner Inc. reported that 88% of organizations have set up some work from home program.
Many organizations had little or no plans
for securing these workers at home previous to the COVID-19 pandemic, which has
created an opportunity for threat actors to target these people. Most of these individuals
are focused on trying to be productive, while self-isolating to remain safe and
healthy. For many, this new work-at-home reality has been challenging. The
hacker community is taking advantage of this crisis to target vulnerable people
who have their minds distracted by things at home.
Hackers are finding success using hidden mobile apps and unique distribution methods, according to the latest McAfee Mobile Threat Report 2020. The report found that mobile apps, third-party login and counterfeit gaming videos are the tools hackers are using to lure remote workers. Approximately 50% of all malicious threats were as a result of hidden mobile apps.
Terry Hicks, the executive vice president
of McAfee’s Consumer Business Group, said mobile threats are playing a game of
‘hide and seek.’ McAfee has uncovered that hackers have expanded the ways of
hiding their attacks, making them increasingly difficult to identify and
remove, which makes it seem like 2020 will be the year of attacks from places
organizations least expect them.
McAfee’s research found that hidden apps are the most active mobile threat, generating nearly 50% of all malicious activities. Hackers continue to target people through channels that they spend the most time on— their devices, as the average person globally is expected to own 15 connected devices by 2030. Hidden apps take advantage of unsuspecting individuals in multiple ways, including taking advantage of third-party login services or serving unwanted ads. Here are a few examples.
Remote workers who are learning how to work from home are dealing with gaps in there day that they occupy by playing games and seeking other multimedia experiences. Hackers are taking advantage of this by distributing malicious apps through links in gamer chat apps and cheat videos by creating their content containing links to fake apps. These apps disguise themselves as real with icons that closely simulate the actual apps but serve unwanted ads and collect user data. McAfee researchers uncovered apps such as FaceApp, Spotify, and Call of Duty all have fake versions trying to prey on unsuspecting users.
New Mobile Malware
McAfee researchers have also discovered new mobile malware called LeifAccess, also known as Shopper. This malware takes advantage of the accessibility features in Android to create accounts, download apps, and post reviews using names and emails configured on the victim’s device. McAfee researchers observed apps based on LeifAccess being distributed through social media, gaming platforms, malvertising, and gamer chat apps. Fake warnings are used to get the user to activate accessibility services, enabling the full range of the malware’s capabilities.
Legitimate Apps Used by Hackers
There are also legitimate apps aimed at stealing data used by Hackers. McAfee researchers found that a series of South Korean transit apps were compromised with a fake library and plugin that could exfiltrate confidential files called MalBus. The attack was hidden in a legitimate South Korean transit app by hacking the original developer’s Google Play account. The series provides a range of information for each region of South Korea, such as bus stop locations, route maps, and schedule times for more than five years. MalBus represents a different attack method as hackers went after the account of a legitimate developer of a popular app with a solid reputation.
What’s clear is that with so many more remote workers in play, hackers will have a bigger pool of people to target, which is why a comprehensive suite of security, backup, and management solutions for those who use Office 365 is an excellent route to protecting these users.
During this time of COVID-19, people need to protect their email with powerful tools that can scan the email tenant for phishing and malware. Not only do they need tools to look for the usual suspects but also advanced AI systems and tools such as a Security Information and Event Management (SIEM) system. These tools find suspicious or malicious events and have an extra layer of security by having real human beings that can take action and remediate potential security threats.Services such as Secure IT – Mail are able to fulfil the needs of keeping users secure while working remote.
The current COVID-19 situation has led to a lot of organizations to shift their entire workforce to work remotely. For some organizations, this means that employees may be working remotely for the first time. Working remotely changes the way teams interact and work together and staying productive can be difficult in these circumstances. Here are five best practices for keeping teams on task and fostering collaboration as teams work remotely.
1. Use A Reliable Platform
Solely relying on email to communicate
with your remote workforce is ineffective. Users may receive many emails per
day and miss important messages. Being able to communicate via web chat, phone
call or video conferencing makes it easier and faster for users to talk to one
another. It also allows users to easily share documents/their work and receive
feedback in real-time.
2. Meet Regularly
Staying connected with employees is
essential, especially if your team usually sees each other every day.
Scheduling meetings (via video call or phone chat) to communicate throughout
the day is a great way to stay engaged and keep one another updated on
completed/ongoing tasks and goals.
3. Support Employees
Employees who are not used to working
remotely may be struggling with the shift. The added social isolation and
overarching health concern may also cause employees additional stress or
anxiety. It’s important to check in with employees, listen to their concerns
and empathize with their situations. If your organization offers an employee
assistance program (EAP), remind employees that they have access to this
4. Stay Accessible
When working apart, users will need to
communicate with one another more often. Unlike an office setting where
employees can pop by your desk/office, employees have no idea whether you’re
out to lunch or in a meeting. Leaving your calendar open or having a status
notification displayed will inform employees of your availability. That way,
they know if you’re too busy to respond to their query.
5. Prioritize Tasks
Help employees focus on their initiatives
by providing direction on how they should engage with their current priorities.
Discuss with each team member individually on where each person should direct
their focus and ensure they know which tasks should be a priority. If you can
narrow down their tasks, they will feel less overwhelmed and be able to direct
their attention to the most critical projects.
For more tips and resources, we’ll be releasing our resource center soon!
it comes to remote working, who’s responsible for security? According to
research from Capita, approximately 90 per cent of employees believe it’s their
employer’s responsibility to ensure IT security when working remotely. While organizations
must ensure they are implementing proper security controls for their users,
employees must also be accountable for their actions and how they contribute to
an organization’s security. A combination of security tools and user awareness
is necessary for organizations to increase their security posture. With an
organization’s workforce so spread out, employees need to be more engaged with
security. Implementing a people-centric security strategy will empower
employees and make them feel more involved.
An effective security strategy has
clearly defined policies and procedures and outlines roles and responsibilities
for members of an organization. A people centric approach acknowledges the role
employees play in an organization’s overall security posture and creates a
culture of cybersecurity designed to change employee behaviour and encourage
employees to think with a security mindset.
3 Ways to Adopt a People-Centric Security Strategy
1. Asses User Risk
Start by establishing a baseline of
user risk. This can be done by testing employees with simulated phishing tests.
Simulated phishing tests enable users to experience real life phishing attacks
in a safe environment. It records users who click on phishing links and sends
them to remedial training to strengthen their responses. Simulated phishing
tests give organizations an idea of how many users are susceptible to these
kinds of attacks and can help them determine their vulnerability level so they
can implement better security controls moving forward.
Exposing users to phishing attacks
reminds them to inspect their emails more carefully and teaches them how to
spot these kinds of attacks. Simulated phishing tests should be done more than
once so that organizations can track user progress over time. With phishing
being the most common type of cyber attack, it’s important that users
strengthen user reactions to these kinds of attacks.
2. Hold Users Accountable
Employees must be willing to be
accountable and take personal responsibility for their actions. To encourage
accountability, organizations should implement an end user security policy that
employees must read and sign-off on.
Your end user security policy
should review security best practices you expect every employee to follow. Such
actions can include locking screens, using strong passwords and implementing
multi factor authentication. You should explicitly outline consequences of
misuse and hold users responsible if they violate the policy. Ensure your
policy is simple and easy to read so that employees understand your security
3. Provide Access to Resources
Motivate and engage users to take
responsibility for security by providing them access to high quality resources
like security awareness training. Online security awareness training is a great
way for users to learn about various cybersecurity topics at their own pace.
New methods of online training like gamification and online quizzes make
training more fun for users and helps them be more attentive in retaining
Access to other online resources
like infographics, cyber tips or news articles gives employees tools they can use
to refer to and refresh their memory. If users understand how cyber threats
like phishing and social engineering affect their lives both at work and at
home, they will feel more connected to the issue.
Jolera’s Secure IT User Defence solution is designed to empower your employees to be the first line of defence. The solution includes simulated phishing tests, online cyber awareness training and credential monitoring. For more information on how Jolera can protect your organization, contact us today.
A new malware family has been discovered operating in 56 Google Play applications, which have collectively been downloaded nearly one million times around the world. Dubbed “Tekya,” the malware aims to commit mobile ad fraud by imitating user actions to click advertisements.
Proper security measures must be in place to defend against Tekya malware and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.
Adobe has released a security update for the Adobe Creative Cloud Desktop Application for Windows. This update addresses a critical vulnerability. Successful exploitation could lead to arbitrary file deletion.
Proper security measures must be in place to defend against Milum RAT and similar threats. Having proper up-to-date endpoint security provides a cross-generational blend of threat defense techniques to protect systems from malware.
As the threat of COVID-19 continues to
spread, many businesses are having employees work remotely. The rise of online
working means that an organization’s attack surface will be more spread out.
Employees may not have the same protections installed on their personal devices
at home as they do on their workstations in the office. Without proper security
precautions in place, users increase their risk to cyber threats like malware
and phishing. It’s important to remind employees that although they may be
working from home, they are still expected to engage in safe cyber habits and
safeguard corporate data.
Attacks are Increasing
Cybercriminals are exploiting people’s fears by sending phishing emails about COVID-19. These emails impersonate official health departments and claim to have new information/updates about the virus. They are designed with the hopes of tricking users into downloading malicious attachments or giving up personal information. In one other instance, cybercriminals duped a popular interactive world map that displayed confirmed cases of COVID-19 to spread malware.
People who aren’t used to working at home can get distracted, especially if they are accustomed to going into an office everyday to work. They may mix personal browsing with their work and encounter cyber scams related to COVID-19. In their distraction, they may accidentally click on malicious links. Users may also feel safer while working at home and let their guard down when it comes to working online. They can forget to engage in simple cyber safe behaviours like locking their computer or double-checking URLs before they click on them.
The Security Challenges of Remote Working
Working remotely can create a lot of
security challenges for organizations. Users who are not prepared to work
remotely may have to use their personal devices to access corporate material.
These devices may not be secured or have the latest updates installed. Users can
end up engaging with malicious websites that would usually be blocked by an
organization’s firewall or leave their devices open to vulnerabilities.
Users working from home may also be
connected to networks that are not secured. Although users may not be working
from public spaces (with public WiFi) during this time, home networks may not
be properly secured either. Furthermore, employees may have insecure IoT
devices (such as lights, refrigerators, etc.) connected to the home network. Each
of these devices could be a potential entry point for hackers.
What You Can Do
Inform and Update Employees
Many people are stressed out and worried
about how COVID-19 will affect them. Keep your employees informed about how
their work is being impacted by the current outbreak and provide them with
links to official sources (government, WHO, etc.) to ensure that they can keep
themselves informed safely.
Reiterate Good Cybersecurity Practices
Awareness is the only way to combat
phishing and social engineering scams. Employees must understand that they
still have a responsibility to keep company data safe even though they are
working from home. Remind employees to be careful of suspicious emails,
especially those claiming to be about the virus. If they receive any suspicious
emails, employees should disregard them and not engage. Encourage employees to
not click on any links or download any attachments. They should always double
check sender email addresses and any URLs they may encounter.
Issue Corporate Devices
To ensure employees have access to
necessary resources required for their work, employees should be given company
issued devices. This will make it easier for your organization to manage and
monitor your remote systems and ensure that company data is separate from a
user’s personal data. It will also ensure that all devices have security tools
installed (e.g. anti-virus, encryption tools, etc.).
Use a VPN
A VPN will provide employees with a secure
connection to your organization’s network. All employees should use a VPN to
access company resources, especially if they are using personal devices. Ensure
that your VPN is set up to support your entire remote workforce and that it is
up to date.
Our Support IT platform can assist your
organization in providing employees secure remote access to essential tools and
systems. For more information on how Jolera can help with your remote working
environment, contact us today.