Kelli Vanderlee, is the Manager of Intelligence Analysis at FireEye, and she outlines some of the current concerns with cybersecurity weaknesses in relation to the massive growth in home and remote working, both by students and workers in conversation with Digital Journal.
Vanderlee says that “While it is true that we have seen a variety of state sponsored and financially motivated actors leverage Covid-19 in social engineering campaigns, it is worth a reminder that the primary goals and intended targets of the activity are consistent with longstanding priorities.”
By this, Vanderlee says: “For cyber espionage actors, the main objective is intelligence collection against government and key industry targets. This type of activity is unlikely to affect most neighborhood school teachers or their students and families.”
In terms of what treat actors are after, Vanderlee says: “For financially motivated actors, the goal is profit, and widespread campaigns can affect many sectors, including education. However, the potential return on compromises of teachers giving classes remotely or parents and students studying from home is relatively modest when compared to potential compromises of large businesses.”
However, there are additional threats in light of the coronavirus situation, with most people based at home. Here Vanderlee, notes: “With most families at home, malicious actors may see families’ personal email, social media, collaboration software, or school-related accounts as useful vectors to gain access to targeted individuals’ work accounts. We have seen attackers ranging from Chinese, Russian, and Iranian state sponsored groups, to financially motivated outfits, to hacktivists use access to personal accounts in campaigns.”
Furthermore, Vanderlee, says: “Schools serving families that include individuals who are typically at higher risk for cyber threat activity, such as government officials, soldiers, and researchers working in high value industries, such as cutting edge technology development, or global finance, may also experience elevated risk.”
Vanderlee, ends with a positive note: “To date, we have not seen evidence that collaboration software or educational applications are being targeted more frequently than prior to the outbreak.”
However, this does not negate the need to take care: “Though given overall increased use, if that’s where the people are, that is likely where malicious actors will follow. Social engineering – sending malicious links or attachments – via apps is also a well-documented tactic.”
