“Wash your hands. Don’t scratch your nose. Try to avoid public spaces.”
In the weeks leading up to COVID-19’s ascendance to a pandemic, we’ve all become more aware of our touch points as we go about our daily lives trying to avoid infection. If businesses practiced this level of vigilance for their network touch points, and their daily exposure to infected surfaces, threat actors would have a much smaller playground in which to operate.
When businesses agree on connecting with each other, often it’s the expectation of security more than active vigilance that precedes the handshake. Robust global organizations surely have solid practices in place that protect them from active cyber infections. So why would they need to slather themselves in the cyber security equivalent of antibacterial gel before they shake hands?
If this sounds crazy—it is. And yet it is exactly what happens, even to worldwide organizations. The truth of the matter is, most large businesses only think they know their true infection touch points. They’re looking at the network perimeter they control themselves—not the expanded third-party perimeter that they in fact operate in.
This arrangement is a powder keg set to explode in the weeks to come. In response to COVID-19, businesses across the world are sending workers home. The expectation is that day-to-day business can continue as long as they are equipped with VPNs to enable their work-from-home employees with an encrypted connection between their home and work environment.
But this new work paradigm means that sensitive information is now bouncing between secured and unsecured environments. While it is true that VPNs are effective at protecting data that is in transit, that protection is useless after the data lands in an unprotected device like a personal laptop.
Trusting a VPN to keep your data safe is like trusting a syringe won’t get you infected. What exactly is floating in that solution that’s being pushed into your bloodstream—or in this case, your organization’s network?
The vigilance required for the security teams, or managed security service providers (MSSP) to monitor an exponential uptick in the usage of VPNs is simply unrealistic. The mass-quarantine scenario that COVID-19 has introduced to the world’s businesses wasn’t in the staffing budgets of most organizations. Those security teams are likely stretched thin just to keep tabs on the new remote workers.
Throwing this threat into sharp relief is the inevitable business leadership personality who grows frustrated over the security hoops in place to keep remote data secure. “It’s hampering our day-to-day ops,” they’ll say. It’s not an unreasonable observation. What’s unreasonable is to act on that emotion, and strip out those securities in an effort to return business transactions to “normal.”
Prevailion gives businesses a powerful tool to simplify this scenario. We have a unique dataset that shows our users context on historical and active cyber compromises, including home IP addresses. Businesses can fold every IP in their perimeter through Prevailion to see if it is compromised by cyber infection. We can provide visibility on the active contagion in remote workers’ connections to businesses across the world.
Anyone can set up Prevailion for free in minutes. Claim your free account to begin your experience, and get instant visibility on evidence of compromise in your organization today.
Karim Hijazi, who served as the director of intelligence of the cybersecurity firm Mandiant and now serves as CEO of the security firm Prevailion, said the hackers will likely have “gone to ground” at this point.
While threat actors like Cozy Bear and Fancy Bear get a lot of attention, there is another While threat actors like Cozy Bear and Fancy Bear get a lot of attention, there is another sophisticated crime actor that companies need to be watching out for.The group is called TA505 and it is believed to be […]
“This was the most pristine espionage effort, unlike anything we’ve seen in a very long time,” said Karim Hijazi, a former intelligence community contractor. “Everyone in the cybersecurity community is freaking out, because we don’t know where this could stop.”