Not All Telework Solutions are Created Equal
Category
Awareness, Vulnerabilities
It may seem like forever ago when that email arrived: all personnel will begin working from home effective Monday. As the COVID-19 pandemic overtook the world, many organizations knew they needed to work remotely, but many struggled to figure out how to activate their business continuity plans. Unfortunately, many organizations didn’t plan out their IT scenarios, and quickly turned to work-from-home technology options that worked, instead of options that worked securely. By the way, we’ve talked about this before!
In this case, it appears many organizations turned to Remote Desktop Protocol, or RDP, as their solution of choice. We hinted at this last week with an infographic (copied here) which shows the number of RDP connections open to the internet has increased by over a million, which is extremely alarming.
“Back up. What’s a Business Continuity Plan?”
A Business Continuity Plan, or BCP, is defined by Investopedia as:
We won’t dive into BCP logistics today, but at a high level this means that while the BCP covers events like where to report for work in the event of a fire at your office, it should also include planning for IT disasters. For example, how would your organization keep functioning if your IT network was crippled by ransomware? These questions, and ultimately your organization’s plan for them, should be thoughtfully considered in advance and documented in the BCP.
During the current pandemic, organizations should have had a plan in place to not only allow their entire workforce to work remotely, but to do so securely.
“OK, but RDP works. What’s wrong with using it?”
RDP is a great tool - it lets you log on to your computer from another location and use it like you’re sitting right at your desk. If you use it in conjunction with a secure connection to your office, like on a Virtual Private Network (VPN), then this is a great solution.
Unfortunately, it looks like over a million more computers and servers have opened up RDP to the internet in the last month and aren’t using a secure connection to protect it. This brings the worldwide total of exposed RDP connections to almost 4.5 million, according to the security search engine Shodan. Even more alarming, 8% of those computers and servers with RDP exposed to the internet are still susceptible to a major vulnerability from November that we wrote about. This means that a hacker can log right into your computer from anywhere in the world, and on 8% of computers, use a vulnerability that allows them to do untold damage to you and your organization.
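One way to check your own systems for this is to review inbound firewall rules and flag any that allow RDP (TCP 3389) from outside your VPN or office networks. The Python below is an added example, not code from the original post; the rule format, rule names and trusted network ranges are assumptions made for illustration.

```python
import ipaddress

RDP_PORT = 3389
# Assumption: networks from which RDP is acceptable (VPN pool, office LAN).
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("10.8.0.0/24", "192.168.10.0/24")]

# Constructed sample of inbound "allow" rules (not taken from any real system).
SAMPLE_RULES = [
    {"name": "RDP-from-VPN", "ports": "3389", "remote": "10.8.0.0/24"},
    {"name": "RDP-quick-fix", "ports": "3389", "remote": "Any"},
    {"name": "Mgmt-range", "ports": "3380-3400", "remote": "203.0.113.0/24"},
    {"name": "Web", "ports": "80,443", "remote": "Any"},
    {"name": "RDP-admin-host", "ports": "3389", "remote": "192.168.10.25"},
]

def covers_port(spec, port):
    """True if a port spec such as '80,443', '3380-3400' or 'Any' includes port."""
    if spec.strip().lower() == "any":
        return True
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        if int(lo) <= port <= int(hi or lo):
            return True
    return False

def is_trusted(remote):
    """True only if every address in the rule's remote scope is inside a trusted net."""
    if remote.strip().lower() == "any":
        return False
    for item in remote.split(","):
        net = ipaddress.ip_network(item.strip(), strict=False)
        if not any(net.version == t.version and net.subnet_of(t) for t in TRUSTED_NETS):
            return False
    return True

def exposed_rdp_rules(rules):
    """Return names of rules that allow RDP from outside the trusted networks."""
    return [r["name"] for r in rules
            if covers_port(r["ports"], RDP_PORT) and not is_trusted(r["remote"])]

if __name__ == "__main__":
    for name in exposed_rdp_rules(SAMPLE_RULES):
        print("RDP reachable from untrusted sources via rule:", name)
```

Note that the port-range rule is flagged even though it never names 3389 directly, which is how an exposed RDP port often slips past a manual review.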
“So we’ll secure RDP. Anything else I should know?”
Working from home brings a whole new list of risks you may not have seen while you were in the office. Even NASA sent out a memo noting some alarming statistics they’ve seen on their networks since their workforce began working remotely:
Doubling of email phishing attempts
Exponential increase in malware attacks on NASA systems
Double the number of mitigation-blocking of NASA systems trying to access malicious sites (often unknowingly) due to users accessing the Internet
So stay alert to COVID-19 scams, configure your Zoom meeting correctly, and stay safe!