With so many people working from home, more attackers are adapting their strategies to focus on employees as a way to bypass organizations’ defenses, FCW reports. During a webcast hosted by Venable, several Federal and industry experts discussed the challenges associated with remote work, particularly in organizations that previously required physical modes of identification.
Sean Connelly, Trusted Internet Connection (TIC) program manager at the Cybersecurity and Infrastructure Security Agency (CISA), said attackers are increasingly using fake social media accounts and phone calls to trick employees into handing over their credentials or installing malware.
“Those attacks are shifting everywhere traditional network security controls are not located,” Connelly said. “Many attackers are actually calling employees and encouraging them to log on to those fake pages and then grabbing their credentials from those pages.”
Connelly added that it’s much harder to defend against phishing attacks on social media when employees are working from home.
“How do you put security controls around a social messaging app?” Connelly asked.
Wendy Nather, Head of Advisory CISOs at Duo Security, explained that many previous security assumptions are suddenly no longer applicable.
“Because we’re not physically co-located anymore, there are a lot of authentication factors we used to assume, that we now can’t use,” Nather said. “If somebody calls the help desk, how are you going to verify them if they can’t walk over and show you their CAC [Common Access Card]?”
Likewise, Ross Foard, a senior engineer at CISA, said well-established forms of authentication in the government are hard to transfer to a remote environment.