
COVID-19 and Computer Security, Part 1: Telecommuting Risks

柴艺
Published 2020-12-18 14:03:32


Original title: COVID-19 and Computer Security, Part 1: Telecommuting Risks

Original text: The United States Office of Personnel Management last week urged agencies to prepare to allow federal employees to telework -- that is, work remotely. This came on the heels of the Department of Homeland Security closing its facilities in Washington state, after learning an employee had visited the Life Care facility in the city of Kirkland, which is ground zero for the state's COVID-19 outbreak.

Federal employees were told to self-quarantine for two weeks, and the DHS building is being disinfected.

It isn't just the federal government that is allowing employees to telework or telecommute. Seattle companies including Amazon, Google, Facebook and others are trying to keep workers safe by letting them do their jobs from home.

Coronavirus fears have shut down schools and businesses in the Evergreen State, and public health officials in King County last week recommended allowing employees in the region to stay home.

Across the country firms already have started allowing employees to work remotely or are considering doing so. Similar measures to those in Washington are being considered in New York and other states. The question is whether these steps are really necessary and whether they could present other serious problems.

"Move your operations out to home offices on the fly. What could go wrong, besides everything?" quipped Jim Purtilo, associate professor in the computer science department at the University of Maryland.

"Shops that might be careful about security practices at the office will find their assurances go out the window once some sudden decision flips activity out into the wild," he told TechNewsWorld.

"The risks -- including insecure WiFi connections; open printer ports; browsers with all manner of unvetted plug-ins, trackers or social media feeds; document shares on unprotected cloud folders; and more -- will give us fits," Purtilo added.

This week TechNewsWorld spoke with numerous cybersecurity experts to get tips on how to stay safe while staying healthy.

Understanding the Most Basic Risks

Before a company sends its workers home, it needs to weigh the risks. This isn't to say that coronavirus and the COVID-19 disease shouldn't be taken seriously, but just as health concerns must be addressed, so too should cybersecurity risks.

"First, there will be a lot of scams being run under cover of health and medical issues. Hackers never let a good crisis go to waste, and this is a biggie," warned Colin Bastable, CEO of security awareness training company Lucy Security.

The danger is that those who are out of the office might feel more comfortable than in the office in every way. This isn't just about wardrobe choices -- it's about the focus that is necessary to work remotely.

"People working from home get easily distracted, especially if they are normally used to working in the office, and they will mix work with personal email and Web browsing," Bastable told TechNewsWorld.

"This increases the risks that they can introduce to their employers and colleagues by clicking on malware links -- and over 90 percent of attacks are delivered by email," he added. "With disrupted management communications and fewer opportunities to check with the CEO and CFO, expect remote workers to fall victim to these attacks too."

More Than the Coronavirus

One of the great dangers is that the focus is so heavily on the coronavirus that computer viruses and other malware are being overlooked by employers, IT staff and remote workers. However, one group that surely isn't forgetting about computer viruses is comprised of the bad actors who are taking advantage of this time of chaos.

They are spreading misinformation online through spoofed emails and social media. If pandemic-related news or advice isn't coming from the World Health Organization (WHO), Centers for Disease Control and Prevention (CDC) or other reputable medical sources, don't believe it. More importantly, don't click on questionable links on social media, email, forums or elsewhere. Go directly to WHO and CDC sites for the facts.

"Antivirus and antimalware -- endpoint security protocols -- should be updated at least daily. Most can be configured to check for updates hourly, and this can help mitigate risks," Lou Morentin, VP of compliance and risk management for Cerberus Sentinel, told TechNewsWorld.

If working from home is a break from the norm, IT staffs should prepare workers, educating them about the risks.

"The initial thing is to ensure that workforces have the equipment required for working at home, such as laptops, voice and video conferencing, as well as secure networking and access," noted Marc Gaffan, CEO of cybersecurity firm Hysolate.

"Secure workstations and access are the primary element of such a program," he told TechNewsWorld.

Don't Be the Low-Hanging Fruit

It is unfortunately during the worst of times that the worst types of cyberattacks can occur. Hackers, cybercriminals and even rogue states are more likely to strike a confused, worried and concerned populace.

"In general, attackers are looking for a vulnerability to deliver their attack," explained Chris Rothe, chief product officer of cyber research firm Red Canary.

"In this case, people's fear over the virus is the vulnerability attackers will look to capitalize on," he told TechNewsWorld.

"If an individual is concerned or stressed about the virus they are less likely to remember their security training and will be more likely to, for example, click a link in a phishing email or give their credentials to a malicious website," Rothe added.

Working from home or remotely therefore should require a greater level of security.

"Single sign on and multi-factor authentication are critical technologies for the remote workforce, as well as minimizing risk for the business," noted Stealthbits Vice President Ralph Martino.

"These together allow the remote workforce to connect to business applications in the cloud using one password. This provides greater security and compliance for enabling the remote workforce," he told TechNewsWorld.

Users are typically the weakest link in every security program.

"That weakness gets amplified by a situation like the coronavirus. Business leaders should make a point to remind their employees of their security training and call out the fact that attackers will use coronavirus as an opportunity," warned Red Canary's Rothe.

The New Normal

Many individuals already work from home on a regular, or at least semi-regular basis. The present security issues concern the surge in the number of employees who usually don't.

However, remote working could become the new normal -- not just because of COVID-19, but for a plethora of other reasons, including improved productivity, smaller offices, and companies' efforts to lessen their carbon footprint by reducing employee commutes.

However, during times of crisis it's possible that too many people may be working away from the office at once. That can tax IT departments in unexpected ways. Workers will need to learn how to function as their own IT staff to solve many cyber-related issues.

"We're definitely seeing this ramp up with the current COVID-19 situation," said Gil Kirkpatrick, chief architect at Semperis.

"People working from home can expect time outs, network outages, and hitting license caps -- which can slow productivity and impact job performance," said Josh Bohls, CEO of Inkscreen.

"Many employees won't be working from corporate networks and known, managed applications, and instead will be moving to 'Shadow IT' applications," he told TechNewsWorld. "They may be using their mobile phones to scan and capture documents and mixed media content with little or no organizational governance."

Mobile phones aren't exactly built for security, cautioned Bohls.

"Also, more employees are going to be tempted to download non-secured and potentially malware-laden apps," he pointed out.

"Fortunately, tech has evolved over the last 20 years to specifically support remote workers, and recent breaches are driving IT and security teams to mandate that employees use apps that enable the organization to protect, manage, and control business content collected on mobile," said Bohls.

"While employers are encouraging staff to stay healthy, they must also encourage them to stay safe online," Semperis' Kirkpatrick told TechNewsWorld.

"Home routers are notoriously insecure, and they usually have security bugs that need to be patched by flashing the ROM, which most people don't do," he noted.

"Remote workers should use their work computer, not their home computer, along with corporate authorized and managed devices whenever possible," said Kirkpatrick.

"If you have to use your home computer, update A/V software and make sure it's actually running. Don't save files on your home machine. Save them in the corporate Dropbox/OneDrive/etc. -- and use your work email, never personal," he advised. "Those are some best practices to keep a remote workforce humming along securely."

Author: Peter Suciu

Original source: https://www.technewsworld.com/story/86566.html
