Work-from-home poses a security challenge | Kozhikode News
https://www.ispeech.org/text.to.speech
Kozhikode: With Covid-19 forcing many organizations to adopt work- from-home to enable social distancing and ensure business continuity, cyber security experts advised increased vigil as remote work over unsecured networks could increase the risks of cyber threats to critical assets and data of firms.
Experts said that many home networks had unsecured endpoints, including unsecured Wi-Fi and poorly-configured modems which could make corporate networks vulnerable to cyber-attacks.
"With many people now working from home, many organisations lack the capabilities to provide secured virtual private network (VPN) access or endpoint detection and response (EDR) tools. On the network security front, it means the firm’s network perimeter now has expanded further to homes and other unsecured locations. This makes it easier for malicious persons to hack user endpoint-devices by exploiting possible vulnerabilities in home network infrastructure like unsecured home Wi-Fi and poorly-configured modems," said Vinod T, who heads cyber security at UL Technology Solutions.
Also cyber security experts said that cyber criminals have already started exploiting Covid-19 concerns among people through phishing campaigns in the form of e-mails offering Covid-19 information to trick recipients to click on the link which inserts a malware into the user device. The attacker then can control the user’s device remotely and gain access to office network or create a ransomware attack.
"Simple precautions that can be taken by employees and IT team is to ensure the use of a strong password policy, keeping modem, routers and other devices up-to-date with the latest firmware patches and turning off WPA & UPnP, instead use WPA2 which uses a stronger form of cryptography. Network security administrators should conduct quick vulnerability assessment to identify loopholes," said Vinod, adding that employees should be trained on how to detect and handle phishing and other forms of social engineering attacks.
Experts say that VPNs ensure that the internet traffic is encrypted and safe between office network and the remote machine. Hence if the employee is working on sensitive data, he or she should use VPN provided by the organization.
Experts said that many home networks had unsecured endpoints, including unsecured Wi-Fi and poorly-configured modems which could make corporate networks vulnerable to cyber-attacks.
"With many people now working from home, many organisations lack the capabilities to provide secured virtual private network (VPN) access or endpoint detection and response (EDR) tools. On the network security front, it means the firm’s network perimeter now has expanded further to homes and other unsecured locations. This makes it easier for malicious persons to hack user endpoint-devices by exploiting possible vulnerabilities in home network infrastructure like unsecured home Wi-Fi and poorly-configured modems," said Vinod T, who heads cyber security at UL Technology Solutions.
Also cyber security experts said that cyber criminals have already started exploiting Covid-19 concerns among people through phishing campaigns in the form of e-mails offering Covid-19 information to trick recipients to click on the link which inserts a malware into the user device. The attacker then can control the user’s device remotely and gain access to office network or create a ransomware attack.
"Simple precautions that can be taken by employees and IT team is to ensure the use of a strong password policy, keeping modem, routers and other devices up-to-date with the latest firmware patches and turning off WPA & UPnP, instead use WPA2 which uses a stronger form of cryptography. Network security administrators should conduct quick vulnerability assessment to identify loopholes," said Vinod, adding that employees should be trained on how to detect and handle phishing and other forms of social engineering attacks.
Experts say that VPNs ensure that the internet traffic is encrypted and safe between office network and the remote machine. Hence if the employee is working on sensitive data, he or she should use VPN provided by the organization.
Gloss