Remote working is not something new. Since the Covid19 pandemic started the diversity of remote learning is incomparable. There was always cyber security threat in remote working. However, it increased recently as people were forced to work from home to reduce the spread of virus it caused a rise in the new remote learning landscape, and Ransomware played an important role in this cyber threat push.
What Ransomware is?
Ransomware is a type of malware from crypto virology that breach victims’ data and block access for the victim and threaten the victim if a ransom is not paid.
How does Ransomware work?
Ransomware could happen in many ways. However, the most common one is phishing spam emails with an attachment. If the user opens the spam email the attachment will be downloaded into the user’s system without the user’s knowledge, then the malware will encrypt the victim’s files and victims will be instructed to get the decryption upon payment.
Ransomware and its explosion in recent years!
Ransomware has long posed a cybersecurity threat to remote working and recently it exploded because of Covid 19 pandemic. According to the global security group, the Institute for Security and Technology only in the US $350 was being given to hackers and it’s a 311% increase over 2019.
One of the most recent ransomware hacks happened because a company employee used a public network. By Which hacker breached into the private network and used remote employees IDs to connect with the company system which forced to shut down a colonial pipeline that used to supply 45% of the eastern United States’ fuel.
The hack of Twitter in 2020 was not for ransomware but the main breach point of this incident was remote working. Several employees were being called by the hacker and claimed to be IT department support and offered help to connect through the company’s virtual private network being used by employees working from home. From this hack, the hacker was able to seize 117,000 bitcoins.
We could say remote working is one of the reasons right now which increased the threat of cyber security and Ransomware is one the easiest way for this accomplishment of hackers’.
How to avoid Ransomware and Remote working threat?
- Wi-Fi:
If an employee uses a home wireless network or public network that will give chance to the malicious actors nearby can easily spy on their connection and harvest confidential information. For this reason, employees should not use unknown Wi-Fi unless they are using VPN.
- Password:
Using a weak password is one of the reasons for being hacked in remote working. So, employees should practice using a stronger password with the randomly generated number. Moreover, they should practice using a password manager.
- File-Sharing:
Employees should practice sharing unencrypted data. Companies may be thinking they are because their encrypted data are stored in their server. While The company information can be theft when encrypting data in transit from one place to another.
- Email Scam:
If any email scam occurred companies should be responsible for that because when remote working started most of the employees did not have enough training and Idea about remote learning. So companies should do a workshop to prevent this situation and educate their employees about cyber security and its threat.
- Work from home security policy:
· Clearly state that which positions are eligible for remote work.
· List the tools and platforms they should be using.
· Give guidelines to the employees to follow steps if they have been compromised.
References:
- https://link-springer-com.ezproxy.lib.ucalgary.ca/chapter/10.1007%2F978-3-030-78645-8_74
- https://www.theguardian.com/technology/2021/jun/17/ransomware-working-from-home-russia
- https://heimdalsecurity.com/blog/cybersecurity-issues-with-remote-work/
- https://en.wikipedia.org/wiki/Ransomware
- https://www.csoonline.com/article/3236183/what-is-ransomware-how-it-works-and-how-to-remove-it.html
Very interesting article! In your opinion, as more and more businesses are moving towards a model where working from home is the norm, do you think that ransomware will continue to be an growing and unchecked threat, or do you think a new type of cybersecurity threat will crop up instead?
This was an interesting read, especially that part where the hacker became a billionaire by seizing 117,000 bitcoins. As people begin to enjoy working from home more and more, it is important to realize the dangers of it, which you have highlighted well. I wonder if more companies will implement ssh into their routines. The possible security breaches stemming from online work may cause an uptick in demand for cybersecurity jobs. Alternatively, we could also create that demand by revealing more security breaches (kidding!).
As people rely more and more on the Internet, much of their work and important data is stored on electronic devices. Extortion through network intrusion does bring a lot of problems that are difficult to solve. Perhaps it would be useful to build an internal network for an organization or business. In addition, when downloading files from unknown sources, using virtual machines for downloading is often the best solution. Very useful blog post.
Can’t imagine how rich the hacker would’ve been with being able to seize 117,000 bitcoins. As well as the feelings that victim’s would’ve felt. Hackers these days can hack through anything it seems and it is very scary how the hackers made the US shut down its colonial pipeline. It is also problematic how technologies are getting so developed today and people feel so helpless when they become the victim. Even though the prventions are simple and seems easy to follow, life does not lead to where we expect so we should try hard to strengthen our securities!
It is an informative article. Due to the impact of the new COVID, many daily activities have to be forced from offline to online. At this point, cybersecurity becomes even more important. Ransomware is very distressing to people. When we are maliciously attacked by ransomware, it not only threatens our property, but also disrupts our lives. I would like to add two ways to protect network security by using VPN and DNS filtering.
This is very interesting! As someone who has worked from home before, I didn’t realize the potential dangers. However, I do feel I’ve stayed safe by not opening random emails/files on my UofC email, but I could definitely add another layer of protections by using a VPN. It’d be interesting to know how many of these UofC phishing emails are ransomware and how common it is at the university?
What I have found when it came to the usual employee who works with computers, their technology literacy may not be very good (IE the loads of dumb tickets IT workers get on a daily basis), and then to then transition those employees to work from home, that only introduces another technological barrier, which hackers clearly capitalized on. Say what you want about hackers, they can definitely be a crafty bunch! The unfortunate thing about all this is, a lot of people aren’t well educated on malware or how to protect themselves from malware (especially the different kinds, such as Ransomware), so I’m curious to see how many companies took the time to train their employees on how to protect themselves in this new “work from home” environment we’ve found ourselves in.
In this informative post, there is this discussion about twitter getting hacked in 2020 by a hacker claiming to be the “a specialist from the IT Department”, this could be also be known as identity theft. And because of this pandemic situation that is happening currently it has been more accessible and easier for these hackers to perform such tasks since there are not required to reveal their faces and stealing an employees data, finally claiming himself to be the employee. Through which they can be authenticated digitally however not physically, hence it is a concerning issue. The mentioning of VPN when using unknown WIFI I feel that it is a noticeable one as any body could be monitoring the amount of data that is getting shared. Furthermore, I believe companies should develop more sophisticated AI mechanisms to actually verify their employees.
Interesting post. Ransomware really has expanded in recent years, in fact, I found an article that detailed a 485% increase in year-over-year global ransomware attacks between 2019 and 2020! (https://www.bitdefender.com/files/News/CaseStudies/study/395/Bitdefender-2020-Consumer-Threat-Landscape-Report.pdf). The ransomware attack that you described really brings into perspective the significant damages that can occur through exploitation of basic systems such as remote working and VPNs. There can be severe consequences when security is not adequately managed. I had not heard of the phishing spam attachments that automatically downloads it self onto your device and encrypts your data before this article, so this article was a welcome alert to pay more attention to the messages that I am receiving everyday. Thanks for all the tips for ransomware prevention!
Hey, great post! I was just reading an article by another peer on ransomware. However, your article shed some light on a critical aspect of a ransomware attack which is remote work. I know Attack Surface Management is being implemented by companies to protect their employees and the companies’ assets. However, I think the same should be done for ransomware. In fact, I read a news article that detailed how Ransomware would avoid infecting Russian computers which is quite interesting. You can find the source here: https://www.nbcnews.com/politics/national-security/code-huge-ransomware-attack-written-avoid-computers-use-russian-says-n1273222. Moreover, I think individuals should have a better understanding of how they can be targetted and what they can do to avoid such predicaments. I think you article did a good job highlighting these aspects.
This is a fascinating article! Cybersecurity dangers are on the rise because of the covid 19 pandemic and the move to the online world. You’ve provided several excellent methods for avoiding ransomware attacks, but I’d want to add a few more. Use secure networks, enable two-factor or multi-factor authentication, and change your credentials.
Great article! I wonder why ransomware attacks aren’t talked about more, because as the world is moving online more and more, preventing people from accessing their files/sensitive information seems like a criminal offence, but not like the type of criminal offence that warrants jail time. But at least more people should be made aware of ransomware and how to prevent it from happening to them.
I think this is a very relevant article right now considering that many companies are thinking of continuing work from home policies even after COVID restrictions are removed. As a result the preventative measures you have listed at the bottom are relevant now and going to be for a very long time. As someone who had just finished a remote internship they are already being implemented such as the VPN requirement and email training but some other techniques being used are MFA and security monitoring unknown files on users machines.
People are storing more of their work and vital data on electronic devices as they become increasingly reliant on the Internet. Extortion by network infiltration creates a slew of issues that are tough to address. Building an internal network for a company or organisation might be advantageous. Furthermore, employing virtual machines to obtain files from unknown sources is frequently the best answer. This is a fantastic article.
Great post!
Because of the COVID-19 pandemic in 2020, I had to stay at home to study online. At the same time, my father also had to stay at home to work online. That was a wonderful time, we sat beside each other and focused on our own “business”. He has an Electrical Engineering degree and I was a third-year CPSC student that year, so we became very interested in ransomware which aimed at remote working and studying after we learned that some persons were suffering from ransomware. My father told me there was an application created by IT maintainers in the company which my father is working for. All employees in that company were required to install that application on their PCs. The employees had to run that application on their PCs before they use their PCs to remotely connect to the company servers. I looked through the interface of that application on my father’s laptop, I found that it was a combination of SSH remote connection, anti-virus software and a network firewall.
I think this is a good way for a company to protect itself from being attacked by ransomware and other malware. Even though some employees are not familiar with network technologies, this kind of application can help them to protect their PCs and the company servers. However, this requires the company to hire some very professional IT maintainers, which means the company needs to pay more money for employees.