The Cybersecurity and Infrastructure Security Agency (CISA), an agency within the Department of Homeland Security, has warned that as more companies allow their employees to work from home amid the COVID-19 outbreak, those businesses open themselves up to more vulnerabilities that hackers can abuse.
In a recently issued notice, CISA explained that remote work options typically require an enterprise virtual private network (VPN) solution to connect employees to an organization’s IT network. But this can make employees ripe targets for malicious cyber actors looking to gain access to those networks.
CISA outlined some cybersecurity considerations:
- Since VPNs are kept on 24/7, organizations are less likely to keep them updated with the latest security updates and patches.
- Malicious cyber actors may increase phishing emails targeting teleworkers to steal their usernames and passwords.
- Organizations that do not use multi-factor authentication (MFA) for remote access are more susceptible to phishing.
- Organizations may have a limited number of VPN connections; this can hamstring some critical business operations, such as IT security functions.
The agency also recommended the following measures to mitigate VPN security issues:
- Update VPNs, network infrastructure devices, and devices used to remote into work environments.
- Alert employees to an expected increase in phishing attempts.
- Ensure IT security personnel are prepared to “ramp up” tasks such as log review, attack detection, and incident response and recovery.
- Implement MFA on all VPN connections.
- Ensure IT security personnel test VPN limitations in preparation for mass usage.
- Contact CISA to report cyber incidents.