Principal Consultant, Chris Dale, was yesterday at 11.30 CEST live on national TV commenting on the wide-spread and influx of scammers and fraudsters during the pandemic by news-anchor Sturla Dyregrov.
See interview here (Norwegian): https://www.tv2.no/v/1570659/
Telenor had blocked more than 200.000 fraud attempts every day, and tens of thousands of fraud domains are generated every week. Chris comments on how River assists companies both pro-actively and during incident response during Covid-19.
News anchor and Chris discusses how work-from-home and the influx of fraud attempts are affecting our everyday users. It’s pointed at that work-from-home might make it easier in several ways, breaking into organizations or targeting users directly:
- Users select weak passwords and are now suddenly exposed via VPN. They could be compromised through easy password guessing. River Security has shown how passwords from Active Directory can be audited and controlled in environments before, using nothing but built-in solutions of the environment.
- When users are alone and working from home, there’s a change of the state of mind. You’re perhaps more afraid and subject to being tricked by someone pretending to be a superior. You’re likely to make more mistakes, as you want to please and show that you’re available during the crisis and doing work while at home. The lack of colleagues to ask for advice, the fear and state of mind changes, may allow workers to be more often compromised.
The discussion pivots into technical protections, like firewalls and VPN’s. Organizations have been focused on making systems available during the crisis. Assets, users and other functions have been made available online, likely not with the same level of scrutiny other assets have received before being put online. News-anchor, Sturla Dyregrov, asks if River Security is often or not, successful in breaking into companies. Chris unfortunately reveals the truth, that information security in organizations in 2020 are not where it needs to be, and often, they are successful in breaking in.
Sturla points out an important fact, if River Security can break in, isn’t it likely that criminals can as well? “This is true, and very important. Criminals have resources, capabilities, time and money to invest in this type of activity. If we can do it, assume they can as well”, comments Chris Dale.
In conclusions, there are many ways companies are broken into during the light of the pandemic. Users are connecting to VPN’s with private and infected equipment, using weak passwords, being tricked and fooled, and more. Chris points out that once criminals have the first breach or compromise, they normally have a much easier way to accomplish their goals. The defenses are often constructed from the outside looking in, but once a user or system has been first breached, the attackers will use this to compromise the company further.
As a final tip, what everyone should do, Chris recommended to turn on “multi-factor authentication” across all services for our users.
Follow River Security on LinkedIn for future updates: https://www.linkedin.com/company/river-security