Remote work leveraged for cybercrime by adversaries in targeted attacks

March 10, 2021
cybercrime work from home remote work fraud prevention vulnerability exploit

Cybercrime (CC) has never been projected as high as last fiscal year compared to the previous years. Historical data confirms the enormous leap of numbers on reported cases in various types of attack known by the cybersecurity experts. Incidents of repurposed tactics, newer and more lethal approach of adversaries were recorded complimenting the uprising cases amidst the pandemic situation.

With many different industry sectors, government, and business move toward the drastic shift of shifting working through the comfort of home, adversaries have also coped with this change exploiting various vulnerabilities present on home securities.

According to a cybersecurity report, missed detection of vulnerabilities has increased drastically as security imposed at home is weak compared to the stronghold in their respective offices. Though these sectors admitted that they were not prepared for this change, they try to create an immediate mitigation plan and ensure campaign awareness has been placed. However, time is the essence on this race. This gives adversaries ample time to exploit it and perform malicious activity before any patch can be placed on the vulnerabilities.

 

Rampant cybercrime and the abuse on the pandemic situation as theme subject confirmed the success of adversaries in 2020.

 

Fraudulent activities were seen on compromised emails and websites, and frontal attack activities using SMS and voice calls have been counted as their means of getting to their victim. Numerous gateways have also been opened for these adversaries to get into their victims using their victims’ mobile phones. The development of repurposed and new variants of spyware and malware that tracks victims’ activity and exfiltrating data toward adversaries is vividly discovered by cybersecurity experts. Credential theft has also become more a popular cybercrime, giving instant access to the adversaries to the victim’s accounts and affiliated businesses. But most disturbing of all is the increase of reported ransomware attacks. Adversaries were able to attack key government sectors like health, electric, and production companies that lead to denial of service, resulting in life at risk and scarcity of byproducts. As long as they profit, these adversaries become heartless.

Big companies and businesses alike were not spared from this openness in the security of being transitioned to home support. Facebook, Twitter, Solarwinds, and FireEye, prominent company leaders in their field, were the example victims of adversaries’ persistence dauntless act in the name of money and edge in intelligence.

This overwhelming and chaotic situation is something that is not to be neglected. A mere patch is not a solution to this mess. In times like this, everyone in the cyber community, through the aid and collaboration of cyber authorities, experts, and concerned countries, joined hands in developing a long-term resolution about consistent vulnerabilities. However, security should start on oneself. Being vigilant and keen on anything from cyberspace is our first defence in battling against this fraud. Ensuring good password management is in place with multi-factor authentication should be in practice. More importantly, provide updated awareness on current cybercrime tactics to equip the staffs the information to avoid possible attack.

About the author

Leave a Reply