The cybersecurity landscape: hackers threatening remote working, home routers and remote devices
The convergence of technological platforms is creating an increasingly complex cyber threat landscape. The COVID-19 pandemic has shifted business to remote work, contributing to widespread use of less protected devices and inconsistent network connections from home and other remote locations. In June 2020, a hacker group, EVIL Corp., attempted ransomware attacks on many Fortune 500 companies and a major news organization. EVIL Corp identified employees working from home or remotely during the pandemic and attempted to infiltrate their networks with malware intended to cripple their operations. Threat actors had exploited the sudden change in work habits with injecting code into corporate networks with a speed and breadth not previously witnessed.1
As well, home routers were targeted in the early days of the COVID-19 pandemic in which a router’s DNS settings were hijacked so that web browsers display alerts for a fake COVID-19 information app from the World Health Organization that is the Oski information-stealing malware. It was determined that these alerts were being caused by an attack that changed the DNS servers configured on their home routers (Linksys, and possibly D-Link) to use DNS servers operated by the attackers2.