COVID-19 spreading from China to the rest of the world created two novel opportunities: the chance for millions of people to work from home and the chance for hackers to gain access to an even larger attack surface. As more and more people decided to stay home, they successfully avoided being exposed to COVID-related dangers at the workplace. However, they ended up exposing their devices to a range of new attacks.
One of the biggest dangers is an unsecured virtual private network (VPN) connection. Many companies have been accommodating workers to obey stay-at-home guidelines by allowing them to access their network and engage in crucial communications using VPNs. If the VPN itself is not adequately secured, it would be relatively easy for hackers to gain access and infiltrate the organization’s network.
The pandemic also presents a fresh set of opportunities for phishing and ransomware attacks. Because people are anxious and looking for solutions to deal with or avoid COVID-19, hackers have been creating fake emails, links, and attachments that contain malware. An individual may open an email or click a link in the hopes of learning something about COVID—only to pave the way for ransomware or other malware to be introduced to their system.
Increasing Cybersecurity Risks
With an increase in the number of employees accessing their organizations’ networks through VPN connections comes an increased demand on the VPNs’ infrastructures. Aside from many connections not being sufficiently secured, dangers have also arisen when existing firewalls are unable to adequately support the system.
The firewall has to inspect each VPN tunnel to make sure they are not being used as tools for delivering malware. The inspection has to be done without significantly impacting the speed of the connection. In many cases, existing firewalls have not been up to the task, resulting in either malware getting through or employees’ connections slowing down.
In addition, because many workers’ home networks do not have enough bandwidth to accommodate a VPN connection and the applications businesses use, such as videoconferencing, their home networks have become perfect targets for cybercriminals. This affects not only the device the worker uses to connect but also others that connect to the home network, including those of their friends and family members.
The types of targets hackers are focusing on have also shifted during the coronavirus pandemic. Being the attack opportunists they are, hackers have adjusted their focus to include remote workers. Before the pandemic, the most common attack surfaces were those associated with corporate applications and devices. However, recent data has shown that the most popular targets in early 2020 were devices like consumer-level routers, digital video recorders (DVRs), and other components attached to home networks.
The methodology for orchestrating the attacks also changed with COVID-19. Attackers have been using people’s fears and concerns about coronavirus to gain an advantage. These techniques were used to launch around 600 novel phishing campaigns every day during the springtime of 2020, according to data unearthed by FortiGuard Labs.
The ways attackers have gained access to their targets’ devices have also been adjusted. In a normal work situation, employees would be protected by the security systems in place in the company’s office. However, while at home, they have to arrange their own security. Threat actors, realizing this, have increased their use of web-based malware, making it their attack vehicle of choice.
To focus on people working from home, attackers have also adjusted the types of vulnerabilities they attempt to exploit. Many people do not frequently update their home networks. In doing so, they fail to take advantage of the patches they need to stay ahead of the most current threats. Attackers, seizing this opportunity, have been launching threats that seek to exploit systems that are a few to several years old. Almost two out of three attacks have been aimed at vulnerabilities that were discovered in 2018, and around 25% have focused on weaknesses that date back to 2004.
The Importance of Adequate VPN and Firewall Management
For a remote worker, a VPN is one of the most common and convenient ways of connecting with their job. Ideally, all you have to do is log in, and you have a secure tunnel through which you can send and receive data. Your firewall helps establish and maintain the security of this tunnel. In a work-from-home situation, it is essential that your VPN connection is adequately secured and that the firewall can handle the demands created by the new situation.
If your firewall is unable to manage the complexities and stressors stemming from the task of protecting many users simultaneously, it may need to be upgraded. Otherwise, each employee that works from home may be at risk, as would their home networks, and all those who connect to them.
Fortinet on the COVID Impact
The coronavirus has significantly impacted the cybersecurity industry, highlighting the need for more flexible solutions. Until now, it was often enough to secure the office with a VPN that accommodated relatively few connections. However, COVID has underscored the value of having a more agile security solution that can meet the needs of several different work configurations.
Current Fortinet customers who use FortiGate already have solutions for remote workers within their firewalls. With FortiGate, you can accommodate four times the number of VPN connections and enjoy 14 times the Internet Protocol security (IPsec) performance.
Fortinet China also offers FortiClient, free of charge, which can be installed on the personal devices of remote workers. With FortiClient, they can create encrypted connections to the company’s VPN and interface with the enterprise’s network over a secure connection.
Fortinet also has software-defined wide-area networking (SD-WAN), which is ideal for remote workers. The SD-WAN suits a work-from-home dynamic because it empowers the organization to provide remote access for workers who need to connect to either internal or cloud resources. Because it is based on the FortiGate platform, you can enjoy the SD-WAN without needing extra licensing requirements or hardware.
Photo credits: unsplash.com