What has changed since COVID19?

Before COVID19: Mobile Workers, Middle & Sr. Management were the people working from Home

During COVID19:

• The entire work force is Working from Home | Working from wherever possible including the Entire IT Infrastructure Team
• Attackers use COVID19 as a means to deliver malware, gain unauthorized access, steal credentials , compromise confidential/sensitive information
• Enterprise fear lack of security control over the Corporate Assets at Home

Challenges due to the above Change:

• The entire work force is now exposed to greater number of threats, without the multiple levels of protection when working from Office
• Greater possibility of an attacker successfully exploiting & gaining access
• Lack of Visibility to know what is happening
• Most Home Networks may not have the minimum security controls
• Lack of Computing Devices for End-users, hence forced to use Personal Devices
• Lack of minimum security controls in Personal Devices
• Lack of Vigil related to Cybersecurity due to COVID19 Health Crisis

What are the Threats which exist:

Known & Unknown Malware

• What does it do?
  • Gains Unauthorized Access, Exfiltrates Data, Takes Control of Vital Information
• How is Malware Delivered to the End-user:?
  • Tricking users to click COVID19 Websites /Files/Images / Articles & download malware via Browser | WhatsApp | Chat
  • Via Email as an attachment, Once User opens it infects the computer

Ransomware Attacks

• What does it do?
  • Holds siege of the data, released only if ransom is paid to the attacker. Most of the time, paying ransom does not help.
• How is Ransomware Delivered to the End-user?
  • Via Email as an attachment, Once User opens it infects the computer & has the ability to infect other computers
  • Tricking users to click on Advertisements / content related to COVID19 or any relevant content which attracts the user

Intrusions

• What does it do?
  • Attackers gain unauthorised administrator access to the target Computer
• How does this happen?
  • Attackers look for computers, applications which are vulnerable & exploit the vulnerability
• Software which are Outdated, Unpatched, Pirated, Unwanted are targeted the most

Credential Theft

• What does it do?
  • Attackers Steal Username & Password of Users while they access Popular Websites, Banking Login, Email Accounts, Most Used Websites
• How does this happen?
  • End-users are tricked into typing Username, Password into Fake Lookalike Websites
  • Users get such Website Links via Email, Chat , WhatsApp, SMS. Once clicked, they are taken to a fake website which looks similar to the original website

Attackers Spread across the Organisation

• What does it do?: Once Attackers gain access to a computer, they will not stop. They keep probing and start spreading across the Network
• Without Proper Controls, the presence of such an attacker in the Network itself will never be known
• Attackers spread from one computer to the other via Office Network | VPN | Email | Removable Media | File Shares
• Attackers can raise their privilege to an administrator depending on the access gained in a computer

How to Mitigate the above Threats:

• Prevention Against Malware Attacks:
  • Solution such as NextGen AV | Endpoint Detection & Response
• Prevention Against Ransomware Attacks:
  • Solution such as NextGen AV | Endpoint Detection & Response
• Prevention Against Intrusions:
  • Combination of Solutions such as NextGen Firewall | IPS | Anti-APT | Security Posture Check
• Prevention Against Unauthorised Access:
  • Secure Remote Access VPN Solution with Multifactor Authentication for End-Users, Administrators, Senior & Top Management
• Prevention Against Credential Theft:
  • Multi Factor Authentication
• Prevent access to Fake | Malicious Content:
  • Combination of Solutions such as NextGen Firewall | Web Security | Email Security with Phishing Protection | DNSSEC
• Prevent Attackers From Spreading:
  • Micro Segmentation with Combination of NextGen Firewall | VM Firewall | Second Layer Firewall
• Prevent Compromising Home Networks:
  • Awareness & Training Sessions to Users on how to protect
    • Home Routers, Social Media Accounts, Wireless SSIDs, Bluetooth Devices, Smart Phones, Connected TV & Camera, Banking Transactions

SNS with its Security focused approach has been conducting regular workshops for its customers who wanted to spread awareness to their employees. Such workshops are divided into awareness for Freshers, Middle Management & Top Management . During Covid, we helped 250+ customers to safely work from home. Our 80+ Engineers are supporting such customers 24X7 from safety of their home.