MUMBAI: Companies should ensure stronger anti-phishing and anti-ransomware mechanisms as employees are at high risk of being targeted while they work from home, said a senior Microsoft official.
Many of these solutions can be implemented through natively embedded solutions in the software platforms used by enterprises, said Ann Johnson, corporate vice president, Cybersecurity Solutions Group, Microsoft Corp.
“Right now cyber-criminals are really taking advantage of the outbreak and targeting employees of companies with Covid-19 and Coronavirus phishing lures and malware. It is exacerbated by the fact that employees are largely working on their own and are quite stressed while working from home due to various domestic concerns,” said Johnson.
Microsoft noted that many targeted attacks on organisations, such as active coin mining campaigns and multiple ransomware attacks, move from department to department within organisations after the attackers monetize each attack. Many of these attacks are preceded by social engineering and reconnaissance that take advantage of the vulnerable mindset of employees due to the uncertain situation.
The bad actors try to drive a sense of urgency through the phishing lures and traps so that employees do not have the chance to discuss them with co-workers as they normally would while working on premises. State and local government establishments, healthcare and critical services are among the most vulnerable to these attacks.
“Companies need to build secure systems for employees that are also simple to use with embedded security. There is also a need to train employees on ways to navigate around threats without impeding productivity and companies are looking for these solutions as organisations need to be cost-effective as well,” added Johnson.
Last month, Google said its email service Gmail is processing over 100 million phishing emails and over 240 million Covid-19 related spam messages on a daily basis, even as platform aggregator G-Suite finds more paying customers.
Microsoft, however, said India is currently less impacted by these attacks than other Asian countries. After Zoom meetings were hacked into a few weeks ago, researchers found a vulnerability in Microsoft Teams that could be used to scrape user data, according to research by CyberArk Labs. The vulnerability was fixed immediately by Microsoft Research Centre.
With massive usage of remote productivity and video conferencing platforms, attackers are using these as entry points, forcing companies to dedicate more resources to secure them.
Johnson said businesses need to be empathetic towards employees during this period as they are often not prepared for the level of threat when they work outside organisation firewalls.
Among the best practices recommended by Microsoft, organisations need to use multi-factor authentication for all employees with access to corporate networks, as that will reduce the chances of bad actors gaining access to critical systems. Employee devices need to be secured, and cloud applications need to have similar security built in, including anti-phishing mechanisms. Microsoft has built support for password-less authentication into products and services, including Office, Azure, Xbox, and GitHub.