Attempted ransomware scams, in which computer data is hijacked and released only on payment of a ransom, increased by more than 350% in Brazil in the first quarter of 2020 alone. The figures are from Kaspersky, a digital security company, and are directly linked to the adoption of the home office as a measure to keep companies running during the period of social isolation in the fight against the new coronavirus.
The rise in ransomware rates shows that this category of digital scam is becoming, as recent research points out, increasingly profitable and effective. Alongside phishing attempts involving the sale or donation of alcohol gel or free offers of streaming subscriptions during the pandemic, the crooks have already realized that the “real” money is in attacks on corporate networks, which can be much more effective and destructive than those aimed at ordinary users.
The amounts charged as ransom have increased in the same measure, as has the number of scam attempts. According to Kaspersky’s data, more than 3,000 suspicious domains related to the new coronavirus pandemic were registered in this first quarter alone, while 40% of companies have already detected an increase in digital attacks against their infrastructure, most of them using the disease as a theme.
“This move is a direct reflection of the home office,” explains Fabio Assolini, senior security researcher at Kaspersky. “Criminals know that companies and people are most vulnerable and have access to corporate networks from potentially unprotected devices. This increases the risk.”
The expert also points out a third factor that has made ransoms more expensive. According to him, there was a recent drop in the value of Bitcoin, the digital currency usually used to pay ransoms, and to maintain profits, hackers end up increasing the prices charged. And when it comes to attacks targeting business networks, which the bad guys know are painful, the cost increases even more.
For Assolini, the rapid spread of the pandemic and the sudden closure decrees signed by federal and state governments forced many companies to act quickly in sending employees home. Security measures, however, did not proceed at the same speed, which could end up leading to loopholes and problems with data and device protection.
The result of the social isolation that has been applied in Brazilian cities since last week is the hurried delivery of devices to employees, or the opening of internal networks to remote access, with workers using their own machines during work hours. “These devices are no longer under the control of IT departments, and therefore, they can end up being vectors for attacks,” explains the expert.
Assolini also points out that many people do not have the necessary knowledge to take care of their own security or simply do not care about it. The result is access from unprotected networks or poorly configured routers, operating systems that are not updated, or the absence of security software such as antivirus or anti-malware. In all cases, these are open doors for malware or for scams.
One of the main good practices indicated by the researcher is the mandatory use of VPNs to access corporate resources, as a way of ensuring that data is not intercepted on the network. Assolini also recommends two-factor authentication for access to internal networks, in case equipment with saved credentials is stolen, and disk encryption for the same reason, as well as the use of systems that allow all data to be deleted if a device is lost.
The fundamental tip for PCs and smartphones used in the office is also valid here: the IT department should be responsible for updating and patching policies. In the case of remote work, this can also be done remotely, and the devices must not allow users to install software or solutions themselves. The measure also applies to smartphones, which must always be password protected and free of unauthorized cloud storage applications.
For computers taken home, the researcher also recommends controls on file transfers through the USB port, to prevent confidential information from being diverted, and educational programs so that employees understand the company’s security needs. “In the home office, it is common for personal and work data to mix, while distractions are greater. It is this kind of slip that scams rely on,” adds Assolini.
Taking all this into account, a faster and more practical solution may occur to managers: the use of remote access solutions. The expert points out the practice as beneficial, as it allows corporate computers to remain under the company’s control. For the researcher, again, it is a reflection of the rush to adopt measures that may seem practical, but are not always safe.
“Makeshift fixes never work and still put data at risk,” he explains, citing further figures. According to Assolini, a Kaspersky study found more than 600,000 unprotected remote access servers worldwide, while the security company alone has detected more than 37 critical flaws in software in this category in recent years. “One [of these flaws] has been around since 1999 and has never been resolved, and is fully used for attacks today,” he adds.
Again, the need for updates and security software comes into play, in addition to integrating remote access functionality into corporate networks, which must be monitored for improper access. One last tip is also quite valid: maintain security policies that limit the viewing of data by department, so that employees have access only to what is relevant to them. In case of an intrusion, this limit will also apply to the attacker, minimizing the damage.
“Despite all of this, it is important to make it clear that the home office is worth it, and even more companies should adopt this possibility after this trial by fire,” believes Assolini. At an online seminar held this week, Kaspersky presented a guide to good practices for companies that have chosen to adopt this work format at this difficult time for the world.
In the presentation, the expert admitted that many of these measures cannot be taken at the current time, when employees are already at home, so the recommendation is to ask employees for extra attention: they should be careful with downloads, avoid clicking on links and, above all, keep devices always up to date and with protection solutions in place. “As the practice becomes common, the idea is that they all become a standard,” he added.