Exercising Security Practices Is More Important Now Than Ever!
by David Wren
The COVID-19 pandemic has extended the cyberattack surface far beyond the boardroom and into our homes. The growing prevalence of remote work has led to an increase of interest from hackers. They are looking to score big by compromising just one of your employees who is simply trying to get work done. Far too often we let down our guard when working from home because we are surrounded with multiple distractions and are outside of the traditional office environment. This potential for exploitation can bring great risk to your organization and its assets
Attackers can gain access to a user’s Remote Desktop Protocol (RDP) or Virtual Private Network (VPN) service through phishing attacks. Once they have a foothold in a user’s computer, they can access file systems and the internal network of your corporate environment. Working from home has led to a decentralization of access points into the network. In 2021 we can expect to see a rise of attacks in this type of work environment. The separation and forced digitalization of the workplace can leave employees vulnerable to suggestive emails or put them at risk for malware attacks. Maintaining the security and training of employees and their access to your network should be the top priority in adapting to this new flexible work environment.
With billions of credentials leaked every year, a simple username and password are woefully inadequate. All an attacker needs is a word list and time to break into your network. Many credentials used for logins are already stolen and being bought as you read this article. Dark web markets and poor password hygiene have made the use of multi-factor authentication (MFA) essential for surviving in a COVID-19 world. By using MFA, we separate the authentication process across three methods: what you know, what you have, and who you are. What you know are things like passwords and pin codes. They’re pieces of information you can use to unlock your account. What you have are devices and authentication tokens you can physically possess. Who you are is the pattern of your fingerprints and structure of your facial identification.
In 2021, we predict an increase of credential attacks on VPNs and company accounts, leading to large numbers of compromised accounts. The rise in web portal access or VPN logins to gain access to corporate systems will raise the stakes, generating interest among attackers. With large databases of username and password combinations already out on the dark web, running these attacks is a matter of will, not resources. You do not need a supercomputer anymore to brute force passwords, just a connection to the dark web and some bitcoin.
As technology progresses at lightning speed, many software manufacturers have set dates for ending product support. One of these software manufacturers is Microsoft with their Windows Operating System (OS). Windows 7 officially ended its product support in January 2020 leaving many businesses with an insecure OS. We can expect these unsupported systems to be prime targets for automated bot attacks that will scan your network for Windows 7 systems and attempt known exploits, all of which cannot be patched.
Updating your OS environment to the latest version and managing patches are the best ways to protect yourself from the rise in automated attacks. Hackers know these systems are still out there running company critical infrastructure and holding valuable data. We predict a rise in attacks focused on these outdated operating systems and infrastructure.
Hotel and public Wi-Fi is notoriously insecure, and sometimes we need to use it. Many businesses are adapting to the changing work environment brought about by COVID-19 with the use of hotels and public places as workspaces. The socially distanced nature of these workspaces can make sense for the health of a company, but not the security of corporate data and user identities.
There are many ways to exploit hotel and public Wi-Fi networks and gain access to your company’s network and data. Evil Twin attacks can mimic a legitimate Wi-Fi source, and once a user connects to that source, it can redirect him or her to malicious web pages and record all the user’s internet traffic. Securing against this threat requires awareness and the tools necessary to ensure a secure working environment.
In 2021, we predict that hotels and other public spaces will be the victims of targeted attacks to gain access to their internet and your employees’ information. These attacks do not need a room reservation or need to take place inside the hotel itself. To compromise such open networks, all hackers need is a connection.
To secure your connection, it’s important to employ a number of strategies and security tools. First, you should verify the Wi-Fi network that you are using. As I stated earlier, attackers can mimic hotel and public Wi-Fi networks and act as “evil twins.” To detect these malicious Wi-Fi connections, make sure to notice all irregularities. Did I just get disconnected from the Wi-Fi? Is the webpage portal suspicious? Is the Wi-Fi name odd or overly enticing? Skepticism is the best guard against Evil Twin attacks simply because they can take many forms.
Only use hotel and public Wi-Fi if you are connecting with a VPN. Doing so will encrypt your traffic in the tunnel from your laptop to the destination. Any hackers on the network will see only a bare minimum of information being trafficked throughout the network. Once connected, verify that your web browser is using https instead of http. This encrypts login credentials or credit card information. 2021 is going to be an interesting year for hotel and public WiFi security, and it’s in your best interest to access these networks in the most secure way possible.
No set way exists to allocate budgets when security is concerned. Decisions about how to spend money require a lot of nuanced, internal knowledge. Much of the heavy lifting can be done by comparing your practices against those of other companies and following industry standard frameworks. The impact of COVID-19 on the way we budget for security has changed in two ways. First, we have an opportunity to rethink the way we spend money on security. Without a shared perimeter, cloud infrastructure has become invaluable. Using cloud, employees can connect securely from anywhere in the world. Second, decentralization of the workplace can add flexibility for your company but comes at a monetary cost. Individual security is needed more than ever. No longer can we centralize our security in an office environment, establishing an internal and external system. The present environment consists of scattered access points and over-the-internet access.
In 2021, we suggest that you budget for security in a new way. The corporate environment has changed drastically, leading to new needs and funding problems. Keeping in mind the above-mentioned threats and new corporate environment, you can expect to reallocate security spending to accommodate this new dynamic. Because the environment is new and ever-changing, you should conduct a full risk assessment regularly. Where are your data now? What work should be completed on premise, and what can be done safely at home? Asking yourself these types of questions is step one in recalibrating your security stance.
“I would like to thank Hunter Williamson for research and assistance on this article.”
David Wren, CISM is President of Network Technology Partners, a regional Cyber Security Intelligence firm headquartered in St. Louis, MO. He can be reached at email@example.com.