Working from Home – remote logins a soft target for hackers
/With the current Covid-19 pandemic, many organisations are saying there are going to send their staff home and have them work from there. This is a pretty standard response to many Business Continuity Situations. There are some considerations to make around how staff members access your internal network from the outside.
An enforced isolation period will be simpler to manage for the current proportion of employees who have a role that sees them often work from home already, as they will have the processes in place. For others, the adjustment will be more challenging, but the technology we have today makes keeping teams connected and collaborations across locations far more accessible.
However, there is an important factor that cannot be overlooked. These people already working from home are likely to be using a Secure Virtual Private Network (S-VPN) into their worksite. VPNs have security profile tokens installed in them so only those authorised can gain access.
Not every business will need this level of security, but there are some basics that need to be observed.
The risk of malware on personal computers to access corporate systems
If the remote worker is going to use their home PC, this can create risk of exposure. The dangers of risk are quite considerable, as one does not know what websites they or other members of the family have been to, what malware has been sneaked onto their machine. This type of Malware is just waiting for someone to sign into a corporate site and it will quickly load down its bad code into the corporate and start to trap passwords, sign-ins and other confidential information.
Home PCs most probably will not have up-to-date or quality virus checkers on them. I have often spoken to home users who tell me they are using a “free” virus checker or do not update their virus checker because it costs money. This is a dangerous practice and one has to ask how much resources these suppliers of free virus checkers are putting into their product or is there an alternative motive – such as putting in their own malware onto the machine.
Keeping sensitive files away from prying eyes
If you do let staff members work from home, make sure they observe your company’s IT security protocols and procedures and do not let their children sign in and play with the machine. Keep any private company material away from small eyes who may talk about what they have seen at school the next day.
Home WiFi a point of weakness
The other thing to be wary of if people are working from home is the security of their Wi-Fi systems. So many people do not change the default Administrator Password on their WI-FI router when it is installed. If your provider does change it, they often do something quite simple and silly, like change it to your telco account number or street number, etc. The bad guys know this and will try and hack their way through your wi-fi router. Once they get in, they then have access to all the equipment on your network, not only your PC and Laptops, but your smart TV, CCTV and other “Internet of Things”. Again, once a route in is established, when your employee is accessing your company systems it is a back door into your systems.
Two-factor authentication not a guarantee for cyber-security
Just to increase your lack of sleep, two-factor sign-in is not as secure as you think. There is malware on the market now that sits between corporate websites such as Outlook Web, and forwards the two-factor sign-on in realtime to the attacker. This hacking method was identified as a real and significant threat in 2019.
There is also a vulnerability in some telco systems that allow the attacker to intercept SMS from your two-factor sign-in. This attacking system has been noted since 2017 and shows how insecure SMS verification can be when compared with hardware and application keys.
What are the solutions?
By all means, send people home to work but just make sure they are clearly informed of the rules they need to follow to keep your organisation safe from breaches to your security through careless mistakes.
Ask some simple questions around their existing set-up to identify any gaps, and lay down the ground rules for best practices.
There may be other measures you can take internally, depending on how your network is set up. From your position, it is imperative you discuss the risks with your IT security people or your IT Provider before you implement any social isolation of team members.
Sam Mulholland is a business continuity consultant and disaster recovery planning specialist. Sam can be contacted through the Standby Consulting New Zealand and Middle East offices should you wish to know more about Cyber Security and Pandemic Planning for your organisation.