Protect Your Users from Shameless Hackers Who Exploit Coronavirus Concerns

loughtecBlog: IT support | Virtual Desktop | Cyber Security- Loughtec: NI / ROI / UK

We live in extreme times. A term that was unknown to the public just a few months ago now dominates our daily conversations. And as in all times of upheaval, we are witnessing inspiring human behaviour along with some that is shockingly bad.

The Good
First the good – in fact, the amazing: Those on the front lines – healthcare professionals, emergency workers, and people who provide essential services – are going above and beyond to help individuals who are sick, at risk, or simply isolated and frightened. These people, as well as countless selfless others who quietly volunteer to help neighbours and friends, are heroes to be celebrated.
Businesses, schools and other organizations have been quick to accept and act on expert advice and take measures to protect employees, students and the public by shutting facilities and offices and shifting to remote working and remote classroom environments. These responsible actions are crucial for slowing the spread of the virus and hopefully containing it.
And companies like ours, which provide solutions that make it possible – and easy – for businesses and schools to maintain operations while employees and students are home-bound, are reaching out to help, with solutions and customer-friendly plans to help organizations enable remote work and learning.

The Bad
Unfortunately, the bad guys have lost no time in taking advantage of the crisis. Especially disturbing are reports of hackers who cynically spread Coronavirus-themed phishing attacks. In one such attack, Trickbot malware preys on frightened and vulnerable individuals in high-risk areas. It hides malware in a Word document attached to an email that urges recipients to open an attachment containing key safety info from the World Health Organization.
When the file is opened a malicious macro and XML files are placed on the victim’s hard drive, which then connect to a control server to exfiltrate information from the device or download additional malicious code.
How can we protect ourselves against these sorts of attacks, especially when individuals working at home may not be protected by usual office firewalls and secure gateways? This question is especially crucial since malware can move laterally to workplace networks when work-at-home users connect in via VPN etc…
That’s why many organizations are adopting ‘Zero Trust’ security strategies – questioning everything and trusting nothing — to protect their businesses from malware like Trickbot, ransomware, and other malicious content.

A solution that can help in this effort is called Remote Browser Isolation, or RBI. By executing websites in remote secure containers, and sanitizing files to remove malware before they are downloaded, comprehensive RBI solutions help in three key cases: preventing web-based malware, blocking malicious URLs in phishing attacks, and preventing malicious downloads. In the case of Trickbot, an RBI solution would sanitize the file download within the remote container and protect the user’s device from infection by the malicious code hidden in Trickbot’s Word file.

The Ugly
As we all take appropriate steps to keep ourselves, our families, our businesses, and our communities safe in a world impacted by coronavirus, we also need to be vigilant against the shockingly bad actors that manipulate vulnerable users by playing on their fear, concern, and need for information. Google’s recent report that phishing attacks have increased 350% during the current COVID-19 quarantines. So just as you take steps to protect yourself in the physical world, it’s crucial to protect yourself in the digital world as well.

How LoughTec Helps
LoughTec is proud to be doing our part to help businesses stay up and running during closures, protecting employees’ livelihoods. To make it easy to quickly set up simple remote access to corporate applications and resources, as well as employees’ in-office desktops, we’re offering free 30-day licenses for Ericom Connect to enable browser-based access to office-based desktops and systems, without any downloads to user devices. To protect users – and your networks – from the unconscionable malicious actors who are spreading malware via phishing and infected websites, we also have Shield Remote Browser Isolation.

To learn more, give us a call. 02882 252445 / info@loughtec.com