Hackers Targeting People Working from Home
Commonly-used cloud services are vulnerable to attack
In This Article
• CISA alert issued to home workers
• What are cloud services?
• How do the hacks work?
• Weak employer security
• Recommendations for employees
• Recommendations for employers
A recent alert from the Cybersecurity and Infrastructure Security Agency (part of Homeland Security) warned employees and employers that hackers are targeting people working from home by gaining unauthorized access to commonly-used cloud services.
In this article, we'll explain what workers at home (and their employers) can do to avoid becoming a victim of such attacks.
What are Cloud Services?
Cloud services offer functions that used to be done with software installed directly on a worker's computer.
For example, instead of using a spreadsheet application like Excel and saving files on your local drive, you use Google Sheets instead, which saves the files on a remote server “in the cloud”.
Or instead of using local customer relationship management software, you use something like Salesforce or Hubspot.
Other commonly-used cloud services include file storage (OneDrive, Google Drive, Dropbox), project management (Trello, Asana, Basecamp), messaging (Slack, Whatsapp) as well as things like Google Docs, iCloud, and various AWS services.
What Are the Hackers Doing?
The targets of the hacking mentioned in the recent alert are workers who use both company-issued and personal devices (computers and/or phones).
The hackers use several techniques to lure victims into giving them access to the cloud services.
In a phishing attack, for example, hackers send an email or text message that appears to come from a cloud service. It might mention a secure message waiting, an expired password, or (in an ironic twist) that the account has been hacked and the user needs to reset it.
These messages look very real, with faked “from” addresses and the logos and colors used by the cloud services.
They have a link to click, and it will go to a page that appears to be legitimate. But the link actually goes to a page controlled by the hacker, with the purpose of collecting login information.
Weak Employer Security
Home workers, and their employers, are more vulnerable to these kind of attacks when there's weak cybersecurity “hygiene” on the employer's end.
Some of these weaknesses include…
Not enforcing strong passwords
Using easily guessable email addresses like “[email protected]”
Not using multi-factor authentication
Allowing people to forward their work email to their personal email accounts
Not requiring VPN (virtual private network) access to company email systems or other servers
Cybersecurity experts have recommendations for employers and employees…
Monitor network activity and look for weird out-of-hours activity
Review logins (and failed attempts)
Enforce multi-factor authentication and the use of a VPN for remote access
Review (or prohibit) email forwarding from work accounts to personal accounts
Provide cybersecurity awareness training to your staff
Establish blame-free reporting and ensure employees know who to contact
Disallow use of personal devices
Don't use your personal devices for access to work-related cloud services
Don't use your work devices for access to personal cloud services
Report anything suspicious to your company's IT or security department
Make sure you use strong passwords on all cloud service accounts
Hackers are taking advantage of the larger number of people now working from home.
This presents a risk to home workers and their employers when they use cloud services.
Employees and employers can reduce the risk by following the recommendations above.
If you have any questions about anything here or if there's an issue you'd like us to write about please get in touch.
Want More Info Like This?
Get our Free Newsletter