SAN FRANCISCO, Apr 17 (Reuters) – Hacking activity against companies in the United States and other countries more than doubled by some measures last month as digital thieves took advantage of security weakened by teleworking policies motivated by the pandemic, the researchers said.
Business security teams have a harder time protecting data when it’s scattered across widely-configured home computers and remotely connected company machines, experts say.
Even those remote workers using virtual private networks (VPNs), which establish secure tunnels for digital traffic, are adding to the problem, authorities and researchers said.
Security and software company VMWare Carbon Black said this week that ransomware attacks or hijacking programs increased 148% in March from the previous month, in parallel to decisions by governments around the world to limit mobility. to contain the new coronavirus, which has killed more than 130,000 people.
“There is a digital historical event that occurs at the bottom of this pandemic, and that is that a cybercrime pandemic is occurring,” said VMWare cybersecurity analyst Tom Kellerman.
“It is easier, frankly, to hack a remote user than someone sitting in your corporate environment. VPNs are not bulletproof, they are not a panacea.”
Using data from the American team Team Cymru, which has sensors with access to millions of networks, researchers from the Finnish company Arctic Security found that the number of networks that experienced malicious activity more than doubled in March in the United States and in many European countries compared to January, shortly after the virus was first reported in China.
The biggest jump in volume came when computers responded to scans when they shouldn’t have. These scans often look for vulnerable software that allows for deeper attacks.
The researchers plan to publish their findings by country next week.
Rules for secure communication, such as banning connections to bad reputation web addresses, tend to apply less when users take computers home, said analyst Lari Huttunen, Arctic.
This means that previously secure networks can be exposed. In many cases, firewalls and companies’ security policies have protected machines that have been infected by viruses or malicious software, he said. Outside of the office, that protection can be dramatically reduced, allowing infected machines to communicate with original hackers again.
This has been exacerbated because the sharp increase in the volume of VPNs has led some saturated technology departments to allow less rigorous security policies.
“Everyone is trying to maintain these connections, and security controls or filtering are not maintained at the same levels,” said Huttunen.
(Information from Joseph Menn in Saint Francis and Raphael Satter in Washington; translated by Tomás Cobos)