The COVID-19 pandemic has caused a shift in the workforce, with more and more people working primarily remotely. This has caused significant changes in the threat landscape.
We have seen higher volumes of traffic, resulting in a heavier workload to process. The introduction of third-party software/services for data exchange, such as Zoom, Gotomeeting, Webex, means information is being shared in a completely new way, leaving openings for new vulnerabilities. Working from home has also introduced home computers and potentially unsecured wi-fi networks and remote access tools such as windows RDP.
With the increased need to have externally reachable devices, creating new openings to the threat landscape, we have also seen a rise of cyber criminals attempting to exploit the pandemic, and leverage these remote services to attack corporate networks.
Moving forward companies will need to ensure that they are closing monitoring devices and programs as well as ensuring platforms are updated in a timely manner. Some basic but recommended strategies to help mitigate risk:
Ensure that devices are continually and regularly updated.
Ensure that you use strong password, and do not allow password duplication for access to different corporate resources.
Provide regular and timely end user training for your organization.
While COVID-19 may be changing the threat landscape, having a cybersecurity program that is prepared, flexible, and ready will ensure your organization stays secure.
Ref: https://www.securityweek.com/covid-19-lockdown-fuels-increase-rdp-attacks