Russian cybercriminal group targeting American remote workers
A Russian ransomware group whose leaders were indicted by the Justice Department in December is retaliating against the U.S. government, many of America’s largest companies and a major news organization, identifying employees working from home during the pandemic and attempting to get inside their networks with malware intended to cripple their operations, reports The New York Times.
Sophisticated new attacks by the hacking group — which the Treasury Department claims has at times worked for Russian intelligence — were identified in recent days by Symantec Corporation, a division of Broadcom, one of the many firms that monitors corporate and government networks, says the report. In an urgent warning issued Thursday night, the company reported that Russian hackers had exploited the sudden change in American work habits to inject code into corporate networks with a speed and breadth not previously witnessed, adds The New York Times.
Terence Jackson, Chief Information Security Officer at Thycotic, a Washington D.C. based provider of privileged access management (PAM) solutions, says, “COVID-19 has hurried in digital transformation for most companies that were on the fence. Most companies were not prepared for almost 100 percent of their workforces to be remote and thus have been playing catch up. Secure Remote Access and Endpoint Security are at forefront of cyber defense during this transformation. But we cannot overlook Security Awareness Training for the workforce. With surveys reporting that remote work being here to stay for a large population of workers, attacks against corporate infrastructures will start at home. The other concern is around workers that do return to offices with their BYOD and corporate owned devices that have been on untrusted networks for months, possibly not receiving updates or patches. Home networks are not a match for Nation State actors.”