The New York Times reports that international hackers target Americans working at home. This is a very personal attack for already-stressed working people.
Hackers calling themselves Evil Corp. have developed sophisticated malware, the Times said in June.
The Russian group is identifying employees working from home during the pandemic. The group then attempts to identify the workers’ work network and infect it.
Symantec Corporation identified the sophisticated attacks.
Symantec warned that Russian hackers are exploiting the change in American work habits. They said the malicious code can spread in corporate networks.
Such code is typically “ransomware.” It allows hackers to demand millions from companies.
Ransomware has long been a concern. Now, attacks on U.S. cities and towns have put the crisis in a spotlight.
“Security firms have been accused of crying wolf, but what we have seen in the past few weeks is remarkable,” said Eric Chien, Symantec’s technical director. “Right now this is all about making money, but the infrastructure they are deploying could be used to wipe out a lot of data—and not just at corporations.”
The Justice Department said the Russian hackers had “been engaged in cybercrime on an almost unimaginable scale.” The State Department offered $5 million for information leading to the arrest or conviction of the group’s leader.
Symantec said it identified 31 companies that were victimized. They included major American brands and Fortune 500 firms.
Russian government harbors crime
No justice for Americans working at home
Moscow has protected Evil Corp.’s hackers from extradition.
The December indictment and sanctions both named Maksim V. Yakubets, the Times said. They quoted experts who said Yakubets’s work included “acquiring confidential documents through cyber-enabled means …”
Chien said many firms have employees use a “virtual private network.” It allows workers to reach company systems as if they were at the office.
Then the system waits for the worker to go to a public or commercial website. It can then use that moment to infect their computer, Chien said.
Evil Corp.’s hackers disable antivirus software and damage backup systems. Researchers said this is a clear attempt to thwart victims’ ability to recover their data.
American workers must educate themselves about keeping home computers safe. If you work from home, ask your employer for help beefing up digital home security.
The American Medical Association publishes tips for working online (originally for doctors). They list common threats:
- E-mail phishing attempts to trick you into giving out information using e-mail. The FBI has also issued several Public Service Announcements on business email frauds and COVID-19 themed frauds.
- Ransomware is a type of malicious software that attempts to deny access to data, usually by encrypting the data until a ransom is paid. (Paying a ransom does not guarantee that the hacker will un-encrypt or unlock the stolen or locked data.) The FBI discourages paying ransom as it may incentivize continued ransomware attacks and fund more serious crimes including violent crimes.
- Most ransomware attacks are sent in phishing campaign e-mails asking you to either open an attachment or click on an embedded link.
Basic remedies for Americans working at home:
- Consider using a Virtual Private Network (VPN) and/or a cloud-based service. These are coming into widespread use as organizations encourage staff to work remotely.
- Employing strong authentication and lockout parameters
- Limiting remote access to only the necessary databases and systems in your office
- Ensuring all VPN and cloud-based services’ security patches are up to date
Additional considerations:
- Use multi-factor authentication for all personal and business accounts.
- Enable, where available, lockout features for multiple incorrect login attempts.
- Add “external origin” email caution banners on emails coming into your work email accounts.
- Schedule forced password changes every 60-90 days—lengthy passwords using passphrases are best.
- Establish verbal authentication procedures with a known person for any email request to change payment instructions, direct deposit information or requests for batches of sensitive data such as patient information, payment information, or W-2 information.
- Add enhanced email system security protocols including advanced threat protection (ATP) to detect malware based upon behavior and known indicators.
- Consider an application “whitelisting” strategy. A whitelisting strategy is one in which only safe, authorized and necessary applications can execute and run on computer systems or networks.
- Prepare to defend against ransomware. Consider using the 3-2-1 rule to create secure backups:
  - 3: Offline segmented backup copies of your data;
  - 2: Different media types; and
  - 1: Cloud-based backup.
- Ensure direct and remote access to the backups is highly restricted and monitored.
Also, if you have cybersecurity insurance, review coverage and understand any limitations. Prior to suffering an incident, consider reaching out to your insurance company for references to forensics firms which may help you recover your data if needed. And again, contact the FBI. They can work with other agencies, including DHS, not only in the investigation of the attack, but also to assist you in possible decryption of the data, mitigation of the impact or negotiation with the ransomware perpetrators.
- Smart phones and tablets can now provide many of the same features and benefits as desktop or laptop computers.
Settings to check immediately
- Make sure that each of your iPhones/iPads and Android devices is running the most up-to-date version of its operating system software. Often these updates address security vulnerabilities or add new features.
- Make sure your home’s wireless network is protected with a strong password. For example, use a combination of numbers, upper and lowercase letters, and symbols.
- Enable encryption on both your device and apps if possible. This is often found in the device’s or app’s settings.
- Use multi-factor authentication where possible.
- Enable lockout features for multiple incorrect login attempts.
- Install anti-virus software on your device.
- Consider using a VPN app.
Americans working at home face anxiety
Hacking fears add to stress
The American Heart Association says that hacking fears are adding fuel to flames. Hunkering down amid stay-at-home orders mixes aspects of life—a recipe for stress.
It’s a huge change for those accustomed to co-worker interactions. People who work at home are also juggling added responsibilities, such as children out of school or the need to check on older loved ones.
Trips to crowded grocery stores can increase anxiety for women in a caretaker role, said Dr. Gina Lundberg, clinical director of the Emory Women’s Heart Center.
“It’s a really stressful time,” Lundberg said. “Everyone else should pitch in.”
Over the long term, stress can lead to serious health problems. Several strategies can help you stay healthy and bring life into balance.
The association recommends these tips:
- Develop a schedule
- Designate workspace at home
- Stay physically active
- Eat healthy
- Avoid social isolation
- Focus on the positive
Gratitude helps
Can Americans working at home be grateful in a pandemic? In a limited sense, yes. Try to remember that it is good luck if you can afford a home computer with internet access.
This article from Pew Research explains the link between telework and affluence: /before-the-coronavirus-telework-was-an-optional-benefit-mostly-for-the-affluent-few/
And don’t forget these tips from the U.S. Department of Human Services: tools for navigating COVID-19 stress
Photos by (1) Elvis Santana from freeimages.com and (2) Thought Catalog on Unsplash