SECURITY INFLUENCERS BLOG

Security influencers provide real-world insight and “in-the-trenches” experiences on topics ranging from application security to DevOps and risk management

START FREE TRIAL

How Hackers Are Exploiting COVID-19 and What Organizations Can Do About It

Now that many people are working from home due to the coronavirus disease (COVID-19), businesses are facing unprecedented cybersecurity challenges. Unfortunately, among many challenges, hackers are poised to capitalize on the crisis by attacking with viruses of their own. Thousands of COVID-19-related websites are being launched by cyber criminals. Tragically, COVID-19-themed domain registrations are 50% more likely to be from malicious actors.

Most of these sites include phishing scams that exploit both consumers and workers who simply want to stay up to date on what’s going on. Directing traffic to these fraudulent sites are malicious email campaigns that use phishing and even social engineering tactics to incent action on the part of the user.

Ransomware is on the rise as well. Recently, a tracking app called “COVID19 Tracker” masked itself as a coronavirus outbreak map tracker. It was really ransomware that could lock down a phone and demand the payment of $100 within 48 hours.

This explosion of threats has caught the attention of the FBI, which issued warnings of an increase in fraudulent crimes related to the coronavirus. Cyber crimes include fake CDC emails, phishing emails related to stimulus checks, and the promotion of fake COVID-19 treatments and/or products like respirator masks, goggles, and protective gowns.

While there is an abundance of information online about COVID-19, users working from home should be careful about clicking on fraudulent sites and links. The latest up-to-date information about COVID-19 can be found at www.cdc.gov and www.coronavirus.gov.

Businesses Are Turning to VPNs During the Outbreak

With tens of millions of workers now doing work outside the enterprise network perimeter, businesses face the risk of their internal data being attacked. The surge of videoconferencing, remote access, and VPN services in the home are greatly expanding the attack surface that hackers can exploit and gain entrance into a network.

VPNs are an obvious target, since they’re being used by companies to secure communications with corporate networks. Reports are surfacing that VPNs in the U.S. could soar 150% as COVID-19 spreads. Concerns over VPN security were a concern even before COVID-19. That’s why the Cybersecurity and Infrastructure Security Agency (CISA), which is part of the Department of Homeland Security, issued an alert that pointed to specific work-from-home vulnerabilities that are zeroing in on potential VPN cyberattacks. The alert advised the use of multi-factor authentication on all VPN connections to increase security. CISA said: “If MFA is not implemented, require teleworkers to use strong passwords.”

Ways Workers Can Be Productive Working from Home

COVID-19 is no doubt straining employees' ability to stay productive. In this critical time, here are some tools and ideas that can make the work-from-home experience more manageable. 

Set up a home workplace. For many workers, setting up an area at home to work is a completely new experience. It goes much further than simply having a laptop of computer. After identifying a dedicated work area, workers should take inventory of specific items they need. Contrast offers a Work From Home Kit that includes equipment that can enhance the home workspace. This includes noise cancelling headphones, blue light blocking glasses, USB desktop microphones, and more.     

Get up to speed on collaboration software. For the foreseeable future, internal teams are going to greatly depend on enterprise software, whether it is Microsoft Teams, Slack, or Salesforce. Videoconferencing software like Zoom and GoToMeeting have become near essential for teams and colleagues seeking to connect “virtually face to face.” Company employees will be provided the specific software used within the organization, but maybe not provided directions on how to use them. For additional help, YouTube offers great tutorials for these collaboration software products. 

Add essential devices for productivity. No matter the nature of work, work-from-home employees should all have a high-quality printer, a high-speed router, a good headset, phone and tablet chargers, and, of course, a great coffee maker. For other items like stand-up desks and ergonomic chairs, here’s a good list of everything needed to work from home, according to people who do it every day. 

Remain vigilant about security. In addition to adhering to company security parameters, users should remember to log out of the network when not in use, always use a strong password (if current ones are weak, it’s a good idea to update them to something more complex), and never click on an email or link that seems suspicious. As mentioned, these seem to be everywhere. Get COVID-19 information from known sources, not from a stranger’s email.

How Businesses Can Respond to New Work-from-Home Threats

As organizations and workers navigate this new work-from-home world and the threats that come with it, the World Economic Forum has provided a checklist of ways that individual users and businesses can protect from cyberattacks during COVID-19 that are helpful:  

  • Better understand threats to the organization. Since more employees are working from home, security teams need to identify likely attack vectors and prioritize the protection of their most sensitive information and business-critical applications.
  • Provide clear guidance and encourage communication. Companies need to ensure that security policies for workers are clear and easy to follow. This includes instructing employees to communicate with internal security teams about any suspicious activities.
  • Ensure the right security capabilities. Organizations need to ensure that all corporate-owned or managed devices are equipped with the best security capabilities, extending the same network security best practices that exist within the enterprise to all remote environments.

How Individual Users Can Help Avoid COVID-19-related Cybersecurity Attacks

Individual users play a part in a secure work-from-home environment as well. The World Economic Forum provides guidance for them:

  • Maintain good password hygiene. Workers should always use complex passwords and multi-factor authentication when possible and change passwords frequently.
  • Update systems and software. Individuals should install updates and patches as often as possible, including on mobile devices.
  • Secure Wi-Fi access points. Users should change their default settings and passwords to reduce the potential impact on their work of an attack via other connected devices.
  • Don’t mix personal and work. Workers should use their work devices to do work and their personal devices for personal matters, if possible.  

Coding Software at Home, Strategies for Developers to Be More Productive

Software developers are working from home as well. They’re going through the same issues of frustration, worry, and the need for security as everyone else. It is important developers have a work environment where they can churn out the applications their organization depends on without interruption. While they have many online tools at their disposal, developers also need a seamless process that allows them to focus on writing code.  

But the work-from-home experience isn’t ideal for development teams. Individuals are more likely to be more fragmented, with potential interruptions that threaten to derail any coding momentum they’ve built throughout the day. For example, dynamic application security testing (DAST) and static application security testing (SAST) are good tools for identifying coding vulnerabilities, but they limit productivity since they only provide a snapshot in time and can’t keep up with today’s agile software development life-cycle processes.

Application security (AppSec) policies can help ensure worker productivity even in a remote location. AppSec also means faster release cycles so important releases for work-from-home scenarios are delivered quickly. This can only happen when AppSec is integrated into the application using instrumentation, so that vulnerabilities are identified and remediated in the coding process by developers. Following are a few reminders that companies can keep in mind when ensuring the security of their newly remote development teams:

  • Reduce coding interruptions. Traditional AppSec approaches can be distractions for developers, even when they’re in the office. SAST can stop code commits while the code is checking for vulnerabilities. These interruptions are momentum killers, and problematic for business productivity as well. Developers need AppSec integrated into the applications so vulnerabilities can be identified and remediated during the coding process.   
  • Automate early and often. Automation is a requisite for developers, no matter where they are working from. Developers do not have time for manual vulnerability identification and verification of their remediation. They require an AppSec platform that removes the burden from them without creating any negative impact on the process itself.
  • Identify specific vulnerability alerts. Task switching and interruptions are a daily reality in software development projects. But for developers working from home, constant interruptions due to vulnerability alerts can be a source of frustration. The time it takes to go through all the vulnerabilities squanders valuable productivity and slows release cycles. Instead of pinpointing every vulnerability, developers need an AppSec platform that can help narrow the list to only those that matter.
  • Reduce false positives. False positives describe the situation where a test case fails even when the functionality is still working perfectly. They need attention, however, which can be a time-consuming process for the work-from-home developer. They typically eat up valuable IT bandwidth that should be applied to more important tasks. In a home environment, the fewer distractions the better. Security instrumentation can virtually eliminate false positives by following the routes applications take rather than testing code against a blacklist. 
  • Shift left to reduce remediation work. Trying to fix vulnerabilities at the end of the software development life cycle takes longer and is more difficult. Instead, a shift left to the build phase makes security a critical part of the software development process, allowing developers to save valuable time.

From the looks of the current situation, it seems as if the work-from-home experience is going to be significant, perhaps lasting months. This is a big adjustment for both employees and organizational leaders. But with good solutions and technologies in place, I’m confident that a productive and secure model of remote working can emerge.

Tim Freestone, Vice President of Corporate Marketing

Tim Freestone, Vice President of Corporate Marketing

Tim leads the Corporate Marketing organization at Contrast, which includes Creative Services, Operations, Field, Channel, Growth, Communications, PR, and Customer Marketing across North America, EMEA, and APJ. Before Contrast, Tim led a high-performing team at Fortinet charged with brand, content, and demand-gen/growth marketing. Previous to Fortinet, Tim built out demand-gen operations for NetApp in the Americas and then globally. He cut his teeth in the tech space in New York where he was a founding partner in a technology marketing services agency that grew to over 50 employees with no external investment.

SUBSCRIBE TO THE BLOG