Personal devices run risks of cyber attacks as people work from home

Abhishek Law, Shobha Roy Kolkata | Updated on March 31, 2020 Published on March 31, 2020

Representative image   -  Bloomberg

At least five new attacks riding on coronavirus fears have been reported since February

There has been an increase in cyber attacks on personal computer networks, mobile phones, VPNs and routers since employees were asked to work from home, in the wake of coronavirus outbreak in India.

Industry sources say that over the last 1-2 months , there has been an at least 40-50 per cent rise in devices across enterprise ecosystems and at least five new threats have emerged during this period, targeting computers and mobile phones.

CERT-In or the Computer Emergency Response Team of India — the country’s nodal agency to combat cyber attacks — has been quick to raise the red flag. VPNs, now paramount to a company’s backbone, are also under threat.

In fact, a concern that some cyber security guys raise is that of law enforcing agencies diverting their attention to issues like enforcing a lockdown and other activities such as controlling rumour mongering.

“The law enforcement authorities are also not really bothered about cyber security as they are more engaged in ensuring physical safety and security of its citizens. So we are in a state of vulnerability. And a hacker needs just one (such) vulnerability,” said Trishneet Arora, Founder and CEO, TAC Security.

End point security

Experts say that personal devices continue to be less secure.

“Personal devices have previously been used for corporate access. (But, now), we are witnessing about 30-40 per cent new ones entering the ecosystem. Less secure devices have expanded the threat surface available for cyber criminals,” Murtaza Bhatia, Head-Vertical Solutions, NTT India Pvt Ltd, told BusinessLine.

McAfee’s Venkat Krishnapur, V-P, Engineering and India MD, maintains that personal devices generally do not have proper endpoint security solutions. Most common way of breaches include phishing, passwords, people, patching and privileges.

“Malicious actors also leverage spear-phishing, targeting select employees to gain access to critical data like staff credentials, intellectual property, customer data, and more,” he added.

New threats

SonicWall, a cyber security firm,says that there were at least five cyber attacks since February.

In February, an executable file named CoronaVirus_Safety_Measures.exe was being delivered to the victim’s machine as an email attachment. This was a malicious file.

Next came the a coronavirus scare tactic which was used across a particular mobile ecosystem in the form of Remote Access Trojan (RAT) and an application that goes by the name of ‘coronavirus’. Post its installation and execution, this sample requested the victim to re-enter the pin/pattern on the device and stole the same, while repeatedly requesting for ‘accessibility service’ capability.

The third was when a malware took advantage of Covid-19 fears (also called scareware in IT language) and claimed ransom.

Then came a phase where the cyber-attackers were creating websites that spread misinformation about coronavirus , falsely claiming ways to “get rid of” it. These sites attracted new victims via downloads.

Later in March, researchers found that malware authors have taken advantage of the public’s desire for information on the Covid-19 pandemic. The malware Azorult.Rk masqueraded as an application providing diagnosis support, even including a screenshot of a popular interactive tool that maps ‘Covid-19 cases and exposure’. It included 12 different layers of static and dynamic information, making it difficult for threat analysts to quickly investigate.

Forcepoint, another cyber security company, agrees to the rise in malware and phising attacks. It maintains that employees who might be setting up apps can fall victim to sophisticated phishing that look remarkably like the set-up processes they’re trying to work through.

Security spends

Surendra Singh, Senior Director & Country Manager, Forcepoint, maintains that IT departments need to understand security of the workarounds that employees use, which include using personal cloud storage solutions to store work-related files (if they don’t have access to corporate editions), or emailing work-related files via personal free email accounts to circumvent file size limitations.

“Understanding how data loss prevention solutions and cloud access security broker solutions could help businesses secure their new, expanded or distributed hybrid IT system,” he said.

Incidentally, Gartner predicts that the enterprise information security spending in India is estimated to rise to $2.1 billion by 2020. Currently, security services are fragmented into various aspects such as endpoint security, application security, data security and security operations. Considering the increase in demand (due to influx of endpoints and remote security requirements), an increase in investment of about 5-10 per cent for augmentation of current services can be expected.

Diwakar Dayal, MD at Tenable India, said that it was worth investing in solutions that can check the security posture of all devices, regardless of their ownership, that connect to a corporate network. Once the crisis passes, companies can also revoke such remote access.

For companies, enabling work from home is the priority at the moment and not much thought has gone into cyber security, says sources.

Published on March 31, 2020

A letter from the Editor

Dear Readers,

The coronavirus crisis has changed the world completely in the last few months. All of us have been locked into our homes, economic activity has come to a near standstill. Everyone has been impacted.

Including your favourite business and financial newspaper. Our printing and distribution chains have been severely disrupted across the country, leaving readers without access to newspapers. Newspaper delivery agents have also been unable to service their customers because of multiple restrictions.

In these difficult times, we, at BusinessLine have been working continuously every day so that you are informed about all the developments – whether on the pandemic, on policy responses, or the impact on the world of business and finance. Our team has been working round the clock to keep track of developments so that you – the reader – gets accurate information and actionable insights so that you can protect your jobs, businesses, finances and investments.

We are trying our best to ensure the newspaper reaches your hands every day. We have also ensured that even if your paper is not delivered, you can access BusinessLine in the e-paper format – just as it appears in print. Our website and apps too, are updated every minute, so that you can access the information you want anywhere, anytime.

But all this comes at a heavy cost. As you are aware, the lockdowns have wiped out almost all our entire revenue stream. Sustaining our quality journalism has become extremely challenging. That we have managed so far is thanks to your support. I thank all our subscribers – print and digital – for your support.

I appeal to all or readers to help us navigate these challenging times and help sustain one of the truly independent and credible voices in the world of Indian journalism. Doing so is easy. You can help us enormously simply by subscribing to our digital or e-paper editions. We offer several affordable subscription plans for our website, which includes Portfolio, our investment advisory section that offers rich investment advice from our highly qualified, in-house Research Bureau, the only such team in the Indian newspaper industry.

A little help from you can make a huge difference to the cause of quality journalism!

Support Quality Journalism
This article is closed for comments.
Please Email the Editor
You have read 1 out of 3 free articles for this week. For full access, please subscribe and get unlimited access to all sections.