Kathy Gibson is at the virtual Kaspersky Security Analyst Summit – Cyber crooks haven’t taken a holiday while the world is in lockdown.
Eugene Kaspersky points out that, during quarantine, we have seen an increase of about 10% in malware. “The cyber crooks are exploiting the situation.
“Some of them are hacking medical institutions as well,” Kaspersky adds. “I think at this time hacking and damaging medical institutions is terrorism.”
Nate Warfield, security researcher at Microsoft, warns that threat actors are now targeting their ransomware attacks, including to hospitals battling the Covid-19 pandemic.
The world was lucky to avoid any deaths when the WannaCry ransomware first hit medical systems – but this time around, with health systems so overwhelmed, we might not be so lucky, he adds.
Warfield points out that many devices and even appliances in users’ homes are now allowing access into corporate networks.
“And a lot of these users use commodity routers,” he says. These are probably not secured or updated if they do have security.
“These systems are not being patched, and they are often insecure cloud deployments with insecure network hardware.
“It is easy for the bad guys to find things on your network – and they are all entry points to the corporate network which are more vulnerable now that no-one is in the office,” Warfield adds.
There are tools available that help administrators pick up if attackers are trying to access the network via home users.
For example, Greynoise helps to identify where in the world malicious traffic is emanating from and Shodan can warn administrators whether there are payloads that need to further examination, and whether there is vulnerable infrastructure on the network.
“Attackers thrive on chaos – and there is no more chaotic time than right now,” Warfield concludes.
“The network perimeter has changed; and it is likely that it will remain changed forever. Attackers know this and are going to go after your home users. So it’s important to assess your network regularly.”