martes, 27 septiembre 2022
Visitas totales a la web: 87907064

El portal de los profesionales de seguridad y emergencias

Nº 1 del mundo en español en seguridad global

Soluciones de seguridad global

Huge rise in hacking attacks on home workers during lockdown

Jasper Jolly

Hackers have launched a wave of cyber-attacks trying to exploit British people working from home, as the coronavirus lockdown forces people to use often unfamiliar computer systems.

The proportion of attacks targeting home workers increased from 12% of malicious email traffic before the UK’s lockdown began in March to more than 60% six weeks later, according to to data from cybersecurity company Darktrace provided to the Guardian.

Attacks specifically aimed at exploiting the chaos wrought by Sars-CoV-2 have been evident since January, when the outbreak started to garner international news headlines.

The attacks have increased in sophistication, specifically targeting coronavirus-related anxieties rather than the more usual attempts at financial fraud or extortion.Advertisement

In early May, Darktrace detected “a large malicious email campaign” against UK businesses that told employees they could choose to be furloughed if they signed up to a specific website.

Other attacks have targeted the tools used by remote workers, including fake requests to reset virtual private network (VPN) accounts, Zoom video conferencing accounts with faked sign-in pages, or accepting an incoming “chat” request from colleagues on supposedly corporate messaging systems.

There has also been an increase in spoofing attacks, with emails purporting to be from a colleague. Darktrace said about a fifth of malicious emails would normally use some form of spoofing, but that this rate has reached up to 60% as attackers exploit the increased separation of workforces.

One spoofing attack featured an unnamed company chief executive supposedly asking workers to donate to his health charity, while others mimic IT support departments asking workers to download new software.

GCHQ, the UK’s cyber-intelligence organisation, has called for people to report attempts at phishing using fraudulent emails as it tries to block malicious websites.

The EU’s foreign affairs wing, the European external action service, has already warned of a proliferation of cyber-attacks and disinformation campaigns related to the pandemic, highlighting efforts thought to be linked to the Russian and Chinese states. The World Health Organization and the US National Institutes of Health have been targeted.

Darktrace said similar patterns were evident across the world, with increases in home-working attacks evident as soon as different countries entered their lockdowns, with Italian workers targeted before those in the UK and the US.

Max Heinemeyer, director of threat hunting at Darktrace, said attackers often reuse the same techniques on many different companies, looking for back doors in networks that may have inadvertently been left open.

“It can be very easy and very quick to capitalise on vulnerabilities like this,” he said, adding that attackers such as the APT41 operation, believed to have been carried out by Chinese state-backed actors, “sprayed and prayed”, attacking large numbers of targets.

The warning came after British airline easyJet was forced to reveal that a hack had exposed the personal information, including travel records, of 9 million people over a period of more than four months.

A person with knowledge of the probe into the easyJet attack said investigators believed financial fraud was not the main motivation for the attack. Reuters reported that investigators believed the easyJet hack may have been carried out by the Chinese state.

Security experts have seen a high volume of attacks since January by actors believed to be backed by China. Another trend has been the targeting of hotel and travel companies in what is believed to be an effort to gather movement information for large numbers of people.

Fecha de publicaciónmayo 24, 2020

BELT.ES no se hace responsable de las opiniones de los artículos reproducidos en nuestra Revista de Prensa, ni hace necesariamente suyas las opiniones y criterios expresados. La difusión de la información reproducida se realiza sin fines comerciales. 

Listado de Expertos

Recomendado

Profesión militar: Obediencia debida frente a la obligación de disentir

Con ocasión de la realización de estudios en el Instituto Universitario Gutiérrez Mellado tuve la ocasión de leer y analizar una serie de documentos de opinión que trataban en profundidad las diferentes facetas presentes en el campo de las relaciones cívico-militares; temas que , habitualmente, no han estado presentes en los diferentes cursos y actividades formativas en la enseñanza militar, ni, por supuesto, en la civil.

El amor de Macarena Olona por la Guardia Civil empieza por su pareja, un joven oficial condecorado

El padre de su hijo llegó a la Benemérita como militar de carrera y, los que le...

La artillería ‘made in USA’ comprada por Marruecos que deja fuera de juego a España

El país magrebí sigue reforzando sus fuerzas armadas a golpe de talonario, y no lo hace de...

Últimas noticias

Pilar Montero del grupo de emergencias en Patrimonio (UCM): «El terremoto de Lorca lo cambió todo»

La directora del grupo de investigación de Gestión de Riesgos y Emergencias en Patrimonio Cultural (GREPAC)...

La actriz de Hollywood que logró uno de los inventos militares más importantes del siglo XX

Hedy Lamarr pasó de huir del fascismo que se propagaba por Europa en los años treinta a enfrentarse directamente a él, creando...

SEGURIDAD, “GLOBAL BRITAIN” Y ENTIERRO DE LA REINA ISABEL II DEL REINO UNIDO

El 19 de septiembre de 2022, ha sido un día que pasará a la historia del Reino Unido y la del resto del mundo. En ese día se ha producido el entierro de la reina Isabel II de Inglaterra tras su fallecimiento el día 8 de septiembre en el castillo de Balmoral (Escocia).

El pulso electromagnético, el arma que puede hacer retroceder a una ciudad al siglo XIX

Estados Unidos, Rusia y China trabajan en sus propios proyectos. El Pentágono cree que Irán y Corea del Norte también lo hacen.

Así se gestó un ‘atraco virtual’ de 240.000 euros a través de Bizum

Más de un centenar de personas participó en un entramado para desvalijar la cuenta corriente de una anciana tras detectar una debilidad...