Before the outbreak of Coronavirus, working from home was common, but not universal. About 43 percent of Americans worked from home occasionally in 2017, and about 5 percent worked from home full-time. Now that most of the country (and the world) is under lockdown, the numbers are skewed far into the other direction. While we are beginning to take cautious steps to open back up, working from home will be the norm for many of us for the foreseeable future. If you are like most, you may have had a security contingency for a small percentage of workers working from home either occasionally or full-time, but your security posture looks vastly different now.
For example, until now, your solution for working from home or from the road might have been accomplished with a basic combination of VPN + virtual desktop. Since only a few people would be traveling or working from home at any given time, you might not have paid that much attention to the way your VPN was managed. What many companies are now discovering is that, while their corporate network is fully segmented to protect the east-west movement of attackers, their relatively unmanaged VPN is totally flat.
New Working Conditions Mean New Threats
Security organizations need to pivot rapidly now that the majority of the workforce is working remotely. If their existing tools are now insufficient, they need to find new ones that work effectively and that can be deployed quickly. After all, the attackers have been working from home all along – and now they’re encountering an enticingly target-rich environment. New threats may include:
APTs are taking advantage of several endemic vulnerabilities in VPN systems in order to exploit a newly homebound workforce. Because these networks often need 24/7 uptime, they are difficult to update, meaning that known issues may not be patched. This makes it easy for state actors to craft malware that can exploit these vulnerabilities en masse. Read more here