Cybercriminals are taking advantage of the coronavirus crisis to spread malware, disrupt operations, sow doubt and make a quick buck.
While organizations can take plenty of steps to ensure employees are well-equipped to work remotely in a secure manner, threat actors of all stripes are already taking advantage of the COVID19/coronavirus situation.
Never ones to miss an opportunity, attackers are ramping up operations to spread malware via Covid19-themed emails, apps, websites, and social media. Here’s a breakdown of potential threat vectors and techniques threat actors are using to attack organizations.
Of particular concern are Salesforce users and insecure endpoints.
With large numbers of employees or even the entire businesses working remotely for an extended time, the risks around endpoints and the people that use them increase. Devices that staff use at home could become more vulnerable if employees fail to update their systems regularly.
Working from home for long periods of time may also encourage users to download shadow applications onto devices or flout policies they would normally follow in the office. Less business travel might reduce the chance of employees having security issues at borders, but it only reduces the threat of connecting to insecure WiFi networks or losing devices if they actually stay at home. Those that do go out to work from cafes — and some probably will — might still be susceptible to theft or loss of devices, or man-in-the-middle attacks. Without a third-party software like EZProtect connected to each Salesforce environment, there is no way to defend against this data entering Salesforce, and therefore, the company network once triggered.
The International Association of Information Technology Asset Managers recommends that all IT assets being taken home be signed out and tracked, that companies provide policy and advice around how assets be used at home (especially if people are used to sharing devices with family), remind users of policies around connecting to public WiFi, and make sure they continue to update their software as needed.