While the lockdown has made ‘work from home’ a possible option for a majority of the workforce, ensuring cyber social distancing has been a concern for most organisations, as all members of the family are invariably connected through the home internet connection.
“While keeping kids engaged in remote learning, families enjoy multi-player games, connecting with friends, social media, streaming music, video and so on. Unprotected devices tend to offer a huge opportunity for cyber criminals. Cyber social distancing is the need of the hour; it’s all about recognising the risk to keep our distance,” says Rajesh Maurya, Regional Vice-President – India and SAARC, Fortinet.
Scams of many kinds
Citing a FortiGuard Labs team finding, he said about 600 new phishing campaigns are registered everyday, with attacks ranging from scams related to helping individuals deposit their stimulus cheques, to providing access to medical supplies and help desk support to new teleworkers.
In addition to online scams targeted at adults, some phishing attacks target kids’ computers and gaming systems, luring them to download free games.
Asked if the rushed remote working model was changing the face of security, Maurya observed that organisations were not able to procure enough laptops for every employee, who needed to work remotely. As a result, many teleworkers have started to use their personal device to connect to their corporate network.
“Such devices are generally far less protected by desktop security and endpoint protection solutions, making them far more vulnerable to malware. If the device of a remote worker is compromised, it can become a conduit back into the organisation’s core network, enabling the spread of malware to other remote workers. Since help desks are now remote, devices infected with ransomware or a virus can incapacitate workers for days while devices are mailed in for reimaging.”
Rise in viruses
FortiGuard Labs has seen a significant rise in viruses — it has documented a 17 per cent increase in viruses in January, a 52 per cent increase in February, and an alarming 131 per cent increase during March compared to the same period last year.
Organisations need to educate remote workers and their families about phishing attacks and keeping off malicious websites, put security counter measures in place, consider a network access control solution to ensure that only authenticated devices have access to the network resource and perform a review of other security tools, Maurya said.