{"id":108904,"date":"2020-04-07T06:00:25","date_gmt":"2020-04-07T13:00:25","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=108904"},"modified":"2021-03-16T23:30:14","modified_gmt":"2021-03-17T06:30:14","slug":"network-working-from-home","status":"publish","type":"post","link":"https:\/\/www2.paloaltonetworks.com\/blog\/2020\/04\/network-working-from-home\/","title":{"rendered":"How to Protect Against Cyberattacks When Working from Home During COVID-19"},"content":{"rendered":"<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">As many companies adopt work-from-home policies in response to the COVID-19 pandemic, cybersecurity is a growing issue.<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Cybercriminals are seeking to exploit coronavirus to target companies and individuals.<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Here's how businesses and employees can protect themselves online.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">As we navigate the challenges posed by COVID-19 and the need to halt the spread of this deadly pandemic, many of us are settling into a routine of working from home. This can pose many difficulties, including how to maintain focus, how to balance other priorities, such as childcare, and how to be productive without requisite tools or dedicated office space - not to mention the struggle to avoid raiding the whole snack cupboard in one day.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">There are compromises to be found for many of these challenges in what we hope will be a relatively short-term arrangement. What we must not compromise on is security.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Many <\/span><a href=\"https:\/\/www.weforum.org\/agenda\/2020\/03\/coronavirus-pandemic-cybersecurity\/\" rel=\"nofollow,noopener\" ><span style=\"font-weight: 400;\">cybercriminals<\/span><\/a><span style=\"font-weight: 400;\"> are seeking to exploit our thirst for information as a vector for attack. Most commonly, as with other high-profile events, attackers are using COVID-19-themed phishing e-mails, which purport to deliver official information on the virus, to lure individuals to click malicious links that download Remote Administration Tools (RATs) on their devices.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In addition, there have been multiple reported cases of malicious COVID-19-related Android applications that give attackers access to smartphone data or encrypt devices for ransom. The global pandemic has also led to the creation of more than 100,000 new COVID-19 web domains, which should be treated with suspicion, even though not all of them are malicious. (Palo Alto Networks is continually updating the latest <\/span><a href=\"https:\/\/unit42.paloaltonetworks.com\/covid19-cyber-threats\/\"><span style=\"font-weight: 400;\">COVID-19 related cyber threats<\/span><\/a><span style=\"font-weight: 400;\">.)<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Attackers are also taking advantage of the fact that many people who are working from home have not applied the same security on their networks that would be in place in a corporate environment, or that enterprises haven\u2019t deployed the right technologies or corporate security policies to ensure that all corporate-owned or corporate-managed devices have the exact same security protections, regardless of whether they\u2019re connected to an enterprise network or an open home WiFi network.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Both business leaders and individual employees have critical roles and responsibilities in securing their organization and in ensuring that cyberattacks do not further compound the already disrupted work environment.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><b>How Businesses Can Respond<img loading=\"lazy\" decoding=\"async\"  class=\"size-full wp-image-108918 alignright lozad\"  data-src=\"https:\/\/www.paloaltonetworks.com\/blog\/wp-content\/uploads\/2020\/04\/avgtotal.jpg\" alt=\"Average total cost of a data breach by industry in millions. Source: IBM Security, 2019, Cost of Data Breach Report. \" width=\"289\" height=\"465\" \/><\/b><\/h2>\n<p><span style=\"font-weight: 400;\">In this critical time, business leaders have a heightened responsibility to set clear expectations about how their organizations are managing security risk in the new work environments, leveraging new policies and technologies and empowering their employees. It\u2019s important that messages on security come from the very top of an organization, and that good examples are set from the start. Here are three recommendations for business leaders.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Understand the threats to your organization. Business leaders should work with their security teams to identify likely attack vectors as a result of more employees working from home and prioritize the protection of their most sensitive information and business-critical applications.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Provide clear guidance and encourage communication. They must ensure that home-working policies are clear and include easy-to-follow steps that empower employees to make their home-working environment secure. This should include instructing employees to communicate with internal security teams about any suspicious activities.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Provide the right security capabilities. Leaders should ensure all corporately owned or managed devices are equipped with essential security capabilities, extending the same network security best practices that exist within the enterprise to all remote environments. These critical capabilities include:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">An ability to securely connect users to their business-critical cloud and on-premise applications, such as video teleconferencing applications increasingly relevant for remote work environments<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Endpoint protection on all laptops and mobile devices, including VPN tools with encryption<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">An ability to enforce multi-factor authentication (MFA)<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">An ability to block exploits, malware and command-and-control (C2) traffic using real-time, automated threat intelligence<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">An ability to filter malicious domain URLs and perform DNS sinkholing to thwart common phishing attacks<\/span><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h2><b>How Individuals Can Respond<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Individual users must be empowered to follow the guidance provided to them by organizations and take preventative measures.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Maintain good password hygiene. Employees should use complex passwords and multifactor authentication where possible and change these passwords frequently.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Update systems and software. Individuals should install updates and patches in a timely manner, including on mobile devices and any other non-corporate devices they might use for work.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Secure your WiFi access point. People should change their default settings and passwords in order to reduce the potential impact on their work of an attack via other connected devices.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Use a virtual private network (VPN). VPNs can help create a trusted connection between employees and their organizations and ensure ongoing access to corporate tools. Corporate VPNs provide additional protection against phishing and malware attacks, the same way corporate firewalls do in the office.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Be wary of COVID-19 scams. We\u2019ve seen phishing e-mails, malicious domains and <\/span><a href=\"https:\/\/www.usatoday.com\/story\/tech\/2020\/03\/18\/spyware-apps-mobile-phones-could-spread-amid-coronavirus-pandemic\/2865792001\/\" rel=\"nofollow,noopener\" ><span style=\"font-weight: 400;\">fake apps<\/span><\/a><span style=\"font-weight: 400;\"> out in the wild already. Threat actors <\/span><a href=\"https:\/\/unit42.paloaltonetworks.com\/covid19-cyber-threats\/\"><span style=\"font-weight: 400;\">love to exploit real-world tragedies<\/span><\/a><span style=\"font-weight: 400;\">, and COVID-19 is no different.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Don\u2019t mix personal and work. Employees should use their work devices to do work and their personal devices for personal matters. If you wouldn\u2019t install or use a service while you\u2019re at the office, don\u2019t do it while at home on your work device.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Taking these relatively straightforward steps at both an enterprise and individual level should help address some of the most common security risks facing our home-working environments. We should also recognize that our threat environment is not static, which means it's important to keep a close eye on evolving threats to avoid unnecessary additional costs and disruptions in a time when we can least afford them.<\/span><\/p>\n<p><i><span style=\"font-weight: 400;\">This post was previously published on the <\/span><\/i><a href=\"https:\/\/www.weforum.org\/agenda\/2020\/03\/covid-19-cyberattacks-working-from-home\/\" rel=\"nofollow,noopener\" ><i><span style=\"font-weight: 400;\">World Economic Forum website<\/span><\/i><\/a><i><span style=\"font-weight: 400;\">.<\/span><\/i><\/p>\n","protected":false},"excerpt":{"rendered":"<p>With more people working from home, businesses and individuals have critical roles and responsibilities for securing their organizations.<\/p>\n","protected":false},"author":65,"featured_media":108905,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[6768,6765],"tags":[815,102,586],"coauthors":[704,7055],"class_list":["post-108904","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-secure-the-cloud","category-secure-the-enterprise","tag-cyberattacks","tag-remote-access","tag-unit-42"],"jetpack_featured_media_url":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-content\/uploads\/2020\/04\/unit42-covid-blog-image.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/108904","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/65"}],"replies":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=108904"}],"version-history":[{"count":1,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/108904\/revisions"}],"predecessor-version":[{"id":108931,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/108904\/revisions\/108931"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media\/108905"}],"wp:attachment":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=108904"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=108904"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=108904"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=108904"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}