In a previous post we looked at how to protect users that store data on their remote devices. Now we are going to look at protecting your network systems from your remote workers. They won’t do it deliberately, but remote users could be delivering evolved forms of ransomware right into the heart of your organisation’s infrastructure.
Over the last two weeks, getting remote users set up and working has been the priority for many companies. Planning this would normally take weeks, if not months, but IT teams have not had the luxury of time. The priorities had to be getting the basics done; provision hardware, sort connectivity and bandwidth and delivering the application access needed to resume operations
It looks like for many, these tasks have been achieved. As we enter the next phase of remote working, Cyber security should become the priority. Since the end of February 2020 phishing emails have increased by over 600%, as criminals seek to profit from the COVID-19 pandemic. With phishing being the source of 90% of successful cyber attacks, and remote workers being more vulnerable to phishing scams than when they are in the office, further protections are needed to safeguard the remote staff and the data they are using and storing.
On average it takes 190 days for a company to detect that they have had a breach.
What are attackers doing during this period of six months?
They are trying to locate invoices, create bcc rules on mailboxes for accounts staff and directors, gain admin access to IT systems and search for vulnerabilities across all key IT systems.
They also plant ransomware, evolved forms that can search and locate backup files, and infect files with hidden code that can traverse networks, infecting other files as they move. This evolved form of ransomware does no detonate immediately, but on a daily basis it is infecting the source data, so local and offsite backup files are also contaminated. Authors of ransomware understand if they can disable the ability to recover data, it more likely the company will pay the ransom, and remote workers storing files to a network are the perfect mechanism to deliver evolved ransomware
How do you combat this?
1. Re-iterate cyber security training
It doesn’t count as nagging when you are protecting your business. In the same way that the government is currently urging us to stay at home, you need to ensure that the message gets through – loud and clear!
- Mention it during virtual team meetings.
- Include it on internal communications.
- Hold regular top-up training sessions.
- Make use of a ethical phishing company to test your team.
2. Secure the links to your network
As discussed in the previous article, make sure that they link to your network only over a corporate VPN – one you control.
3. Limit who uses their laptop
If you have issued your team with laptops, you can say who uses them and who doesn’t. Ban family members from using those machines. It may sound harsh, but family members won’t have had the training and they may go visiting sites they shouldn’t. You cannot afford the risk.
4. Network scanning
Network scanning will identify infected files; files that you need to isolate and delete. You don’t want them in your network and you definitely don’t want them on your backup images.
5. Backup scanning
Is your backup application scanning files as they are backed up? If you aren’t you are running a risk that may prove extremely costly. If you inadvertently backup an infected file – and you need to restore from that backup image, you may start an Attack Loop. Attack loops mean you will never get a clean, infection-free restore.
Next Step
Click here for more information on how our Cloud Backup solution provides the network and backup scanning. It is agentless and therefore non-disruptive to your existing security and prevents Attack Loops.
Alternatively, simply call us on 0333 344 2380 and let’s talk.
[…] As the workforce heads away from the security of the office a few things have started to happen. The concentration has been on the roll-out of remote capabilities and the need to get people working as referred to in our earlier blog Remote access software and Application access. However, the concerns we looked at in Risk and Governance have started to arrive. Info Security magazine has identified that the increase in phishing attacks in the last month is hitting over 600%. Phil Muncaster further explores in his article on the InfoSecurity Magazine site But how do you deal with this issue and the impact that this is going to bring; How do you combat this? Our friends at Data2Vault suggest the following; 1. Re-iterate any cybersecurity training and keep it in peoples minds Mention it in all virtual team meetings. Include it on all internal communications. 2. Secure the links to your network As discussed in the previous article, Make sure that all links to your network are secured – centrally controlled. 3. Limit who uses the home-based company laptop You cannot afford the risk. 4. Network scanning Network scanning must con tinue and be monitored. It will identify infected files; these files that need to be isolated and deleted. 5. Backup scanning Make sure the product you are using for the critical file backup is scanning the files for malicious code as well. For more information call us on 01952 327327 For more on the article join Mark Saville on the related Blog at Data2Vault […]