22.4 C
New York
Saturday, June 6, 2020

Coronavirus Cybersecurity Fallout Might Not Be Felt for Weeks or Longer

Must Read

In a short time, a landslide clears eight houses into the ocean

In northern Norway, a square of land a few hundred meters wide has cleared eight houses into the ocean....

Magic The Gathering Core 2021: The Chandra Signature Spellbook

While everyone's eyes in the Magic The Gathering world are to a great extent concentrated on tomorrow's Core 2021...

Heavy Volume Surges on Genius Brands Share

Shares of Genius Brands International Inc. GNUS, +71.51% surged 13% on volume of 2.2 million shares in premarket trading...
- Advertisement -

Kim Borton worked from home while her children created an art project in Beaverton, Ore., earlier this month. Millions of Americans are working from home amid the coronavirus pandemic, and experts say overstretched IT teams might not be able to keep up with updating their networks.

Photo: Craig Mitchelldyer/Associated Press

As millions of U.S. workers frantically pivoted to remote work last week, putting new strains on their computer networks, federal officials warned that hackers smelled blood.

But the fallout from coronavirus-related breaches may not become clear for weeks, months or even longer, experts say. The expected delay highlights how confusion from the pandemic has created long-term security risks that could eat up precious resources as the economy hurtles toward a recession.

“Very well-organized criminal organizations or nation-states—they can wait,” said Nicolas Fischbach, chief technology officer of Forcepoint LLC, a cybersecurity firm that specializes in data protection. “They get to more data. They can learn more about the environment.”

Overstretched IT teams might not be able to keep up with updating their networks, experts say, while nonessential businesses that have effectively closed shop could prove to be easy targets. Those challenges come as workers’ use of private devices and services give attackers ample opportunity to avoid employers’ detection tools.

The public and private sectors already have faced an array of threats. The Federal Bureau of Investigation warned of an uptick in phishing scams against businesses. The World Health Organization told Reuters

 that hackers targeted it with a malicious look-alike website. And the U.K.’s National Crime Agency confirmed to WSJ Pro Cybersecurity that it is investigating an alleged ransomware attack against Hammersmith Medicines Research Ltd., a drug-testing company that has carried out trials for the ebola vaccine and other treatments.

While some attackers use ransomware for an immediate payout, more sophisticated groups could use the upheaval to penetrate networks and quietly search for bank account numbers, trade secrets or personally identifiable information that is financially or politically valuable, Stephen Breidenbach, a cybersecurity and privacy lawyer at Moritt Hock & Hamroff LLP, said in an email.

“They’ll then start siphoning off those resources as inconspicuously as possible, or wait to hit all the assets in one fell swoop when the company is most vulnerable,” Mr. Breidenbach said, adding that attackers could lie dormant for years. “Some hackers even try to get money from the stock market using nonpublic information they acquire.”

The question is whether companies and governments can also play the long game. Widespread office closures over the past two weeks have overloaded some virtual private networks with remote workers, according to cybersecurity experts. Mr. Fischbach, of Forcepoint, said the most common question clients had last week was how to scale up VPNs to handle the surge in traffic.

Debbie Gordon, chief executive of Cloud Range Cyber LLC, which works with businesses to war-game cyberattacks, said IT teams will continue to be pulled between helping employees maintain productivity and aggressively policing potential breaches. That balancing act—let alone new security investments—might prove difficult for businesses tightening their budgets amid an economic slowdown.

More From WSJ Pro Cybersecurity

“Their focus might not be on the proactive patching and maintenance of the networks as well,” Ms. Gordon said.

The Cybersecurity and Infrastructure Agency at the Department of Homeland Security has urged public- and private-sector workers to patch their systems, be on the lookout for abnormal activity and ensure machines have properly configured firewalls.

But the added wrinkle is that many remote workers may turn to their own computers, email and file-sharing accounts in a pinch, said Paul Martini, chief executive at iboss Inc., a cloud security firm. Often accessed through the public internet, those private tools increase the surface area for attacks and make successful data breaches more difficult for intrusion-detection tools and cybersecurity teams to see.

“My suspicion is we’re going to see a big uptick in terms of the amount of data on these public, information-sharing sites that shows up on the dark web,” Mr. Martini said.

Write to David Uberti at [email protected]

Copyright ©2019 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

Join Wall Street Journal For Just $1
Credit: WSJ.com








- Advertisement -
- Advertisement -

Latest News

In a short time, a landslide clears eight houses into the ocean

In northern Norway, a square of land a few hundred meters wide has cleared eight houses into the ocean....

Magic The Gathering Core 2021: The Chandra Signature Spellbook

While everyone's eyes in the Magic The Gathering world are to a great extent concentrated on tomorrow's Core 2021 set preview, Wizards of the...

Heavy Volume Surges on Genius Brands Share

Shares of Genius Brands International Inc. GNUS, +71.51% surged 13% on volume of 2.2 million shares in premarket trading Wednesday, putting them on target...

Arrow Video has announced its 4K Blu-ray release – Vin Diesel’s ‘Pitch Black’

Arrow Video breaks into the 4K Ultra HD arena with the up and coming release of Pitch Black, the horror/sci-fi movie from 2000 that...

WWE SmackDown Results – May 29 – Sheamus Wins & Face Daniel Bryan

WWE Smackdown Results - May 29: WWE SmackDown rolls on and now we have ourselves a battle royal to figure out who will face...
- Advertisement -


More Articles Like This

- Advertisement -