To get into users home network and devices cyber criminals have been using known and unknown techniques. Threat actors have most probably used most techniques in recent past months which includes exhausting default passwords and revisiting unpatched vulnerabilities, to scanning for open ports and services and installing backdoors.
There are observable signs to these attacks being carried out, but not all intrusions have tell tale signs or symptoms. So non-technical employees can check their devices, to see if there are symptoms of intrusions.
Trend Micro has detected an increase in attack attempts and malicious routines targeting remote systems and connected devices. The attacks on remote and home devices from December 2019 to the end of the first quarter of 2020 shows a significant increase compared to the activity detected within the same period the previous year.
The below figure shows inbound infection and attack attempts on devices from December 2019 to March 2020, detected by Trend Micro’s Smart Home Network (SHN).
What are the Symptoms of compromise?
Since all malicious intent don’t exhibit any obvious signs of intrusions and infection, but there are symptoms which becomes evident after user specific.
Cybercriminals constantly change or improve their techniques for infecting and attacking a growing array of mobile and smart devices. Here are the possible ways they can get through:
- Downloading apps, software, and/or media from third-party marketplaces or websites. These apps may be embedded with malicious components.
- Connecting to public Wi-Fi networks. Threat actors can intercept and steal information that goes through these networks. In other instances, the available connection may be a fake hotspot that captures data from devices that connect to it.
- Clicking on phishing and/or SMShing links. Threat actors use malicious URLs embedded in email or text messages to gain device access, steal banking or personal data, or spread malware.
- Visiting malicious and/or infected websites or apps. Malicious websites can be used to infect devices that intentionally or unintentionally visit these pages.
- As this involves intentionally removing software and telecommunication restrictions to override the device’s embedded exclusive functions, the process provides openings that malicious actors can exploit whenever the user goes online.
- Leaving system and/or media vulnerabilities unpatched. Security gaps in the OS, hardware, and apps can leave openings that cybercriminals can abuse.
- Using default access credentials. Default usernames and passwords in routers and devices assigned by manufacturers and network service providers tend to be similar or the same for all its subscribers.
- Targeted attacks. High-profile individuals in specific industries are high-value targets. Their respective devices can be used to trace and track their movements, have other high-value contacts, and contain sensitive information.
- Every business and corporations should regard WFH as the new norm. The business continuity procedures have increased the use of personal equipment and work devices connected to home networks, and this could lead to issues considering the possibly lower security measures at home compared to the workplace.
- Every business and corporations should regard WFH as the new norm. The business continuity procedures have increased the use of personal equipment and work devices connected to home networks, and this could lead to issues considering the possibly lower security measures at home compared to the workplace.
Suggestions for complete security cover :
- Multi-layered protection for protecting all fronts and preventing users from accessing malicious domains that could deliver malware. As an added layer of defense, Trend Micro Email Security thwarts spam and other email attacks. The protection it provides is constantly updated, protecting the system from both old and new attacks. Trend Micro InterScan Messaging Security provides comprehensive protection that stops inbound threats and secures outbound data, as well as blocks spam and other email threats.
- Connected devices can also be protected by security software such as the Trend Micro Home Network Security and Trend Micro Smart Home Network (SHN) solutions, which can check internet traffic between the router and all connected devices.
- Trend Micro Internet Security solutions, which offer effective safeguards against threats to IoT devices through features that can detect malware at the endpoint level.
(Image Courtesy: www.images.techhive.com)