Coronavirus Cybersecurity Fallout Might Not Be Felt for Weeks or Longer

Must Read

Rights Groups File for Emergency Injunction for ICE to Release Detainees If It Won’t Do More to Prevent COVID-19 Spread

Civil rights groups have filed for an emergency application for a preliminary injunction to stop the U.S. Immigration and...

RIP Howard Finkel: WWE’s Legendary Ring Announcer Passes Away at 69

Legendary WWE ring announcer Howard Finkel has passed away at the age of 69. Finkel, affectionately known as "The Fink,"...

Why Wine Remains a Great Connector

WINE CAN DO many things. It can enhance a meal, a meeting or a mood. It can make us...

Top 3 Upcoming movies on Netflix and TV shows in July 2020

Upcoming movies on Netflix and TV shows: Netflix was the primary significant streaming assistance to begin an "originals" program, presently...

WHO warns of dangerous new epidemics as records are broken

The World Health Organization (WHO) warned on Friday that the world has entered a "new dangerous phase" in the...

Kim Borton worked from home while her children created an art project in Beaverton, Ore., earlier this month. Millions of Americans are working from home amid the coronavirus pandemic, and experts say overstretched IT teams might not be able to keep up with updating their networks.

Photo: Craig Mitchelldyer/Associated Press

As millions of U.S. workers frantically pivoted to remote work last week, putting new strains on their computer networks, federal officials warned that hackers smelled blood.

But the fallout from coronavirus-related breaches may not become clear for weeks, months or even longer, experts say. The expected delay highlights how confusion from the pandemic has created long-term security risks that could eat up precious resources as the economy hurtles toward a recession.

“Very well-organized criminal organizations or nation-states—they can wait,” said Nicolas Fischbach, chief technology officer of Forcepoint LLC, a cybersecurity firm that specializes in data protection. “They get to more data. They can learn more about the environment.”

Overstretched IT teams might not be able to keep up with updating their networks, experts say, while nonessential businesses that have effectively closed shop could prove to be easy targets. Those challenges come as workers’ use of private devices and services give attackers ample opportunity to avoid employers’ detection tools.

The public and private sectors already have faced an array of threats. The Federal Bureau of Investigation warned of an uptick in phishing scams against businesses. The World Health Organization told Reuters that hackers targeted it with a malicious look-alike website. And the U.K.’s National Crime Agency confirmed to WSJ Pro Cybersecurity that it is investigating an alleged ransomware attack against Hammersmith Medicines Research Ltd., a drug-testing company that has carried out trials for the ebola vaccine and other treatments.


While some attackers use ransomware for an immediate payout, more sophisticated groups could use the upheaval to penetrate networks and quietly search for bank account numbers, trade secrets or personally identifiable information that is financially or politically valuable, Stephen Breidenbach, a cybersecurity and privacy lawyer at Moritt Hock & Hamroff LLP, said in an email.

“They’ll then start siphoning off those resources as inconspicuously as possible, or wait to hit all the assets in one fell swoop when the company is most vulnerable,” Mr. Breidenbach said, adding that attackers could lie dormant for years. “Some hackers even try to get money from the stock market using nonpublic information they acquire.”

The question is whether companies and governments can also play the long game. Widespread office closures over the past two weeks have overloaded some virtual private networks with remote workers, according to cybersecurity experts. Mr. Fischbach, of Forcepoint, said the most common question clients had last week was how to scale up VPNs to handle the surge in traffic.

Debbie Gordon, chief executive of Cloud Range Cyber LLC, which works with businesses to war-game cyberattacks, said IT teams will continue to be pulled between helping employees maintain productivity and aggressively policing potential breaches. That balancing act—let alone new security investments—might prove difficult for businesses tightening their budgets amid an economic slowdown.

More From WSJ Pro Cybersecurity

“Their focus might not be on the proactive patching and maintenance of the networks as well,” Ms. Gordon said.

The Cybersecurity and Infrastructure Agency at the Department of Homeland Security has urged public- and private-sector workers to patch their systems, be on the lookout for abnormal activity and ensure machines have properly configured firewalls.

But the added wrinkle is that many remote workers may turn to their own computers, email and file-sharing accounts in a pinch, said Paul Martini, chief executive at iboss Inc., a cloud security firm. Often accessed through the public internet, those private tools increase the surface area for attacks and make successful data breaches more difficult for intrusion-detection tools and cybersecurity teams to see.

“My suspicion is we’re going to see a big uptick in terms of the amount of data on these public, information-sharing sites that shows up on the dark web,” Mr. Martini said.

Write to David Uberti at david.uberti@wsj.com

Copyright ©2019 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

Join Wall Street Journal For Just $1
Credit: WSJ.com

------ Search with Google ------
- Advertisement -

Popular

Tiger King Joe Exotic Wishes He Could See Himself ‘Being Famous’ While in Mandatory Quarantine

The Tiger King Joe appears to be reveling in his new-found fame, telling Netflix he wishes he could see himself "being famous" while he...

First Look of The Midnight Gospel Trailer at Netflix and Release Date

Netflix has released the first trailer for its new adult animated series The Midnight Gospel. The show comes from Pendleton Ward, the creator of Cartoon Network's Adventure Time, and...

Photography Guide



More Articles Like This