Increasing hacking attacks during coronavirus lockdown can have adverse affect on US economy, say experts
There are rising concerns of hackers penetrating insecure network connections of thousands of employees working remotely, likely posing a threat to a company's sensitive data
With a significant percentage of the world population relying on unsecured internet networks as they work from their homes amid the coronavirus pandemic, threats other than the deadly viral transmission have surfaced in form of online phishing attacks and hacking attempts.
Multiple federal agencies have warned residents about the rise of coronavirus-themed email phishing attacks and hacking campaigns used to spread malware by miscreants.
At a time when Americans have become increasingly reliant on connectivity products, whether it is to receive reports or guidance from governments on the crisis or to remain connected with family, colleagues, and employers amid the lockdown, security of consumer devices and networks have now become crucial. There are also rising concerns of hackers penetrating insecure network connections of thousands of employees working remotely, likely posing a threat to a company's sensitive data.
"Cyberattacks are now targeting individuals and businesses," Holt Thomas, professor at School of Criminal Justice at Michigan State University told MEA Worldwide (MEAWW). "On the one hand, there are going to be upticks in phishing attacks and scams to acquire stimulus payments and financial data from consumers. On the other, companies can expect an increase in malicious software, phishing campaigns to acquire employee logins, and gain access to secure networks for remote access."
Thomas, whose research focuses on computer hacking, malware, and the role of the Internet in facilitating all manner of crime and deviance, also said that multiple attackers move through their targets by compromising the least secure areas — like home connections — and then moving to more sensitive networks and data within the organization.
"Acquiring employee username/password credentials will allow outside attackers to gain footholds into networks and sensitive data," the professor continued. "They may be able to use these credentials to access VPNs or tools companies may use to help secure connections as well. From a security standpoint the other issue is that many employees are working from home at off hours from the norm. Intrusion detection systems used to identify bad traffic patterns may have to be retrained to some extent as attackers will be able to more seamlessly hide because companies should expect a higher proportion of remote logins outside of normal working hours by regular employees. So the process of securing resources may be a challenge as companies move to this extended period of working from home."
When asked whether cumulative data breaches of multiple companies in a country can affect its economy adversely, the expert said that there is a possibility.
"Yes, it could, particularly if this leads to large data breaches or loss of sensitive intellectual property in different industry sectors. The lead time and r/d costs spent are lost if a design, build plan or software/algorithm can be acquired by a rival nation or corporation," Thomas said.
The vice-chairman on the Senate Intelligence Committee, Sen. Mark Warner (D-Va.), last week, had raised concerns about cyber threats to internet connectivity for Americans working from home currently.
Warner reportedly wrote letters to network device vendors, including Google, urging them to increase the security of their products and bolster defenses against potential attacks. “It is also imperative that consumer Internet infrastructure not be used as attack vectors to consumer systems and workplace networks accessed from home," the lawmaker had said, asking that vendors examine the security of routers, modems, and wireless access points, and educate customers on cyber hygiene.