Unfortunately, the bad guys have lost no time in taking advantage of the crisis. Especially disturbing are reports of hackers who cynically spread Coronavirus-themed phishing attacks. In one such attack, Trickbot malware preys on frightened and vulnerable individuals in high-risk areas. It hides malware in a Word document attached to an email that urges recipients to open an attachment containing key safety info from the World Health Organization.
When the file is opened a malicious macro and XML files are placed on the victim’s hard drive, which then connect to a control server to exfiltrate information from the device or download additional malicious code.
How can we protect ourselves against these sorts of attacks, especially when individuals working at home may not be protected by usual office firewalls and secure gateways? This question is especially crucial since malware can move laterally to workplace networks when work-at-home users connect in via VPN etc…
That’s why many organizations are adopting ‘Zero Trust’ security strategies – questioning everything and trusting nothing — to protect their businesses from malware like Trickbot, ransomware, and other malicious content.
A solution that can help in this effort is called Remote Browser Isolation, or RBI. By executing websites in remote secure containers, and sanitizing files to remove malware before they are downloaded, comprehensive RBI solutions help in three key cases: preventing web-based malware, blocking malicious URLs in phishing attacks, and preventing malicious downloads. In the case of Trickbot, an RBI solution would sanitize the file download within the remote container and protect the user’s device from infection by the malicious code hidden in Trickbot’s Word file.
As we all take appropriate steps to keep ourselves, our families, our businesses, and our communities safe in a world impacted by coronavirus, we also need to be vigilant against the shockingly bad actors that manipulate vulnerable users by playing on their fear, concern, and need for information. Google’s recent report that cyber security phishing attacks have increased 350% during the current COVID-19 quarantines. So just as you take steps to protect yourself in the physical world, it’s crucial to protect yourself in the digital world as well.
How LoughTec Helps
LoughTec is proud to be doing our part to help businesses stay up and running during closures, protecting employees’ livelihoods. To make it easy to quickly set up simple remote access to corporate applications and resources, as well as employees’ in-office desktops, we’re offering free 30-day licenses for Ericom Connect to enable browser-based access to office-based desktops and systems, without any downloads to user devices. To protect users – and your networks – from the unconscionable malicious actors who are spreading malware via phishing and infected websites, we also have Shield Remote Browser Isolation.
Contact Cyber Security Company LoughTec for a free no-obligation discussion on your business cyber security posture. Call +44 (0) 28 8225 2445 or email firstname.lastname@example.org.