Cyber attacks targeting companies in the United States and other countries have more than doubled. Employees are forced to work from home, with the result that security is suffering as a result.
Researchers from the Finnish firm Arctic Security found that the number of networks with malicious activities more than doubled in the United States, as well as in many other European countries. This was in March, compared to January, before the corona virus struck. The researchers used data from US-based Team Cymru, which has sensors with access to millions of networks worldwide. Arctic Security will publish the results by country next week.
Difficult times for security teams
Company security teams are finding it harder than ever to protect company data. This data is shared and disseminated by different home computers with very different settings, including remotely connected company computers. Even external employees using a VPN contribute to the problem.
Communication rules to ensure the security of company computers are often handled more laxly when users take their computers home. Think about visiting potentially malicious websites, said Arctic Security analyst Lari Huttunen.
Previously secure networks are now easier targets for hackers. In many cases, corporate firewalls and internal security policies had been protected by viruses or malware-infected machines. But Huttunen says that that protection outside the office is often greatly reduced. As a result, infected machines are often able to communicate again with their original machines.
VPNs not always secure
The problem is further exacerbated by the fact that more and more employees are using VPNs. Some technology departments that are too busy allow a less strict security policy, because otherwise they won’t make it. “Everyone is trying to maintain these connections, and security checks or filters don’t keep up with these levels,” Huttunen said.
The U.S. Department of Homeland Security (DHS) cyber security division reports that the use of VPNs is causing many new problems. “As organizations use VPNs for homeworking, more and more vulnerabilities are being found and are becoming targets for malicious cyber actors,” wrote the DHS. According to DHS, keeping VPNs up to date with security solutions is more difficult because they are in continuous use. Normally, routine installations are performed during daily boot-ups or shutdowns.