Remote working is great: Taking the long commute saves workers stress and money, while helping the environment and the employer’s cost bill in the process. this.
But the dangers of keeping a remote workforce safe are worth noting, and that’s just what Europol has done in a new report.
The biggest issues underpinned by the pandemic’s shift towards remote work include ransomware threats, mobile attacks, and even exploitation of software services legal as unsafe. VPN or electronic money. Here we summarize the most important details to know.
Greater risk of Ransomware
As the EU’s law enforcement agency, Europol keeps an eye on international trends as they develop. Of them new report, the 2021 Internet Organized Crime Threat Assessment (or IOCTA), lets the rest of us see which threats are the greatest. All of these threats are not caused by remote working, but the report calls the pandemic by name a major change to which cybercriminals are responding.
First on the list is ransomware and ransomware affiliate programs. Large corporations and public institutions are most at risk here, as these bad actors are deploying supply chain attacks with major disruption in mind. They are being further overhauled in 2021, with “new multi-layered extortion methods” including threats of DDoS attacks, data theft, and calls for customers, business partners or journalists to contact continue to pressure their victims to pay. From the report:
“Governments should make businesses of all sizes aware of the risk of falling victim to ransomware and offer practical guidance in securing their networks.”
Best practices are prevention, so don’t wait for government guidance before making sure your IT team knows how to secure a network.
Mobile malware development
Personal mobile devices are one channel employees can use to access business email and files, and they can easily prove to be a weak link for the remote workforce.
Criminals will have to circumvent new security measures for mobile devices, of which two-factor authentication is considered the most formidable. Trojans are the easiest way to bypass this usually secure verification process, and the method is fairly new in the cybersecurity arena, according to the report.
“Several groups of mobile banking malware have implemented new on-device capabilities to commit fraud by manipulating banking apps on a user’s device using malicious models. -Automatic Transfer System (ATS) module is provided by Android Accessibility Service. Banking trojans such as Cerberus and TeaBot are also capable of intercepting text messages containing one-time codes (OTPs) sent by financial institutions and two-factor authentication (2FA) applications such as Google Authenticator. ”
Since two-factor verification triggers a text message with a code to be sent to the phone, malware on the phone can obtain and use the code itself. A trojan called FluBot even spreads itself by spamming the infected device’s contact list with phishing text messages.
Abuse of legitimate services
Finally, there is the abuse of trusted third-party services to compromise the device. One service that is often mined is cryptocurrency, a popular choice for money launderers. This process is made possible through “mixers, service swaps, and exchanges that work in the gray areas.”
VPNs also give cybercriminals a little extra cover. Why? Because “these will provide them with a safe and secure browsing experience.”
Listen, we don’t condone cybercrime, but you have to admit that there is no better recommendation for a secure service than hearing that criminals rely on it. You can See our top picks for business VPNs, although we didn’t include any details from the criminals.
These channels are not something ordinary businesses need to worry about. Instead, the report recommends that law enforcement agencies across the globe look at how to monitor criminal activity around them, be it with crypto regulation, takedown mixers, or focus on VPNs. often cover up criminals.
https://tech.co/news/biggest-security-risks-workforce-remote The 3 biggest security risks to the remote workforce