Coronavirus: Hacking surges as workers take computers home

By some estimates, hacking against corporations around the world more than doubled in March.

Cybersecurity
Hacking has surged as more people work from home on vulnerable computers [File: Tina Bellon/Reuters]

Hacking activity against corporations in the United States and other countries more than doubled by some measures last month as digital thieves took advantage of security weakened by pandemic work-from-home policies.

Corporate security teams have a harder time protecting data when it is dispersed on home computers with widely varying setups and on company machines connecting remotely, experts said. Even those remote workers using virtual private networks (VPNs), which establish secure tunnels for digital traffic, are adding to the problem.

Software and security company VMWare Carbon Black said this week that ransomware attacks it monitored jumped 148 percent in March from the previous month, as governments worldwide curbed movement to slow the coronavirus, which has killed more than 130,000 people.

200328080646752

“There is a digitally historic event occurring in the background of this pandemic, and that is there is a cybercrime pandemic that is occurring,” VMWare cybersecurity strategist Tom Kellerman told Reuters news agency.

“It’s just easier, frankly, to hack a remote user than it is someone sitting inside their corporate environment. VPNs are not bullet-proof, they’re not the be-all, end-all,” he said.

Using data from US-based Team Cymru, which has sensors with access to millions of networks, researchers at Finland’s Arctic Security found the number of networks experiencing malicious activity had more than doubled in March in the US and many European countries, compared with January, soon after the virus was first reported in China.

The biggest jump in volume came as computers responded to scans when they should not have. Such scans often look for vulnerable software that would enable deeper attacks.

Researchers plan to release their country-by-country findings next week.

Less stringent rules

Rules for safe communication, such as barring connections to disreputable web addresses, tend to be enforced less when users take computers home, analyst Lari Huttunen said.

That means previously safe networks can become exposed. In many cases, corporate firewalls and security policies protected machines infected by viruses or targeted malware, he said. Outside the office, that protection can fall off sharply, allowing the infected devices to communicate again with the original hackers.

That has been exacerbated because the sharp increase in VPN volume led some stressed technology departments to permit less rigorous security policies.

“Everybody is trying to keep these connections up, and security controls or filtering are not keeping up at these levels,” Huttunen said.

The US Department of Homeland Security’s (DHS) cybersecurity agency agreed this week that VPNs bring with them a host of new problems.

“As organisations use VPNs for telework, more vulnerabilities are being found and targeted by malicious cyber actors,” wrote DHS’ Cybersecurity and Infrastructure Security Agency.

The agency said it is harder to keep VPNs updated with security fixes because they are used at all hours, instead of on a schedule that allows for routine installations during daily boot-ups or shutdowns.

Even vigilant home users may have problems with VPNs. The DHS agency on Thursday said some hackers who broke into VPNs provided by San Jose-based Pulse Secure before patches were available a year ago used other programmes to maintain that access.

Other security analysts said financially motivated hackers were using pandemic fears as bait and retooling existing malicious programmes such as ransomware, which encrypts a target’s data and demands payment for its release.

Source: News Agencies