Coronavirus Cybersecurity Fallout Might Not Be Felt for Weeks or Longer

Must Read

Do you know these about Crowdfunding and Types of Crowdfunding

Crowdfunding and Types of Crowdfunding is a path for individuals, businesses, and good cause to fund-raise. It works through...

Read One Punch Man Webcomic Online, Top Anime Sites

One Punch Man Webcomic Online is a continuous web-comic of Japan that was made by Pseudonym One. He began...

Google Alternatives: Hey Google alternative or Ok Google alternative

Here is the quick lookup of the OK/Hey Google alternatives ( Ok google alternative / Hey google alternative): The...

Amber Heard Kissing Passionately: New Woman During weekend away

Since her acrimonious split from Hollywood star Johnny Depp in 2016, she's been linked to several high profile male...

Top 10 Best Anime Sites to Watch Anime Online Free

Top 10 Best Anime Sites to Watch Anime Online Free - Best anime sites 2016 too 2020: Japan anime...

Kim Borton worked from home while her children created an art project in Beaverton, Ore., earlier this month. Millions of Americans are working from home amid the coronavirus pandemic, and experts say overstretched IT teams might not be able to keep up with updating their networks.

Photo: Craig Mitchelldyer/Associated Press

As millions of U.S. workers frantically pivoted to remote work last week, putting new strains on their computer networks, federal officials warned that hackers smelled blood.

But the fallout from coronavirus-related breaches may not become clear for weeks, months or even longer, experts say. The expected delay highlights how confusion from the pandemic has created long-term security risks that could eat up precious resources as the economy hurtles toward a recession.

“Very well-organized criminal organizations or nation-states—they can wait,” said Nicolas Fischbach, chief technology officer of Forcepoint LLC, a cybersecurity firm that specializes in data protection. “They get to more data. They can learn more about the environment.”

Overstretched IT teams might not be able to keep up with updating their networks, experts say, while nonessential businesses that have effectively closed shop could prove to be easy targets. Those challenges come as workers’ use of private devices and services give attackers ample opportunity to avoid employers’ detection tools.

The public and private sectors already have faced an array of threats. The Federal Bureau of Investigation warned of an uptick in phishing scams against businesses. The World Health Organization told Reuters




 that hackers targeted it with a malicious look-alike website. And the U.K.’s National Crime Agency confirmed to WSJ Pro Cybersecurity that it is investigating an alleged ransomware attack against Hammersmith Medicines Research Ltd., a drug-testing company that has carried out trials for the ebola vaccine and other treatments.

While some attackers use ransomware for an immediate payout, more sophisticated groups could use the upheaval to penetrate networks and quietly search for bank account numbers, trade secrets or personally identifiable information that is financially or politically valuable, Stephen Breidenbach, a cybersecurity and privacy lawyer at Moritt Hock & Hamroff LLP, said in an email.

“They’ll then start siphoning off those resources as inconspicuously as possible, or wait to hit all the assets in one fell swoop when the company is most vulnerable,” Mr. Breidenbach said, adding that attackers could lie dormant for years. “Some hackers even try to get money from the stock market using nonpublic information they acquire.”

The question is whether companies and governments can also play the long game. Widespread office closures over the past two weeks have overloaded some virtual private networks with remote workers, according to cybersecurity experts. Mr. Fischbach, of Forcepoint, said the most common question clients had last week was how to scale up VPNs to handle the surge in traffic.

Debbie Gordon, chief executive of Cloud Range Cyber LLC, which works with businesses to war-game cyberattacks, said IT teams will continue to be pulled between helping employees maintain productivity and aggressively policing potential breaches. That balancing act—let alone new security investments—might prove difficult for businesses tightening their budgets amid an economic slowdown.

More From WSJ Pro Cybersecurity

“Their focus might not be on the proactive patching and maintenance of the networks as well,” Ms. Gordon said.

The Cybersecurity and Infrastructure Agency at the Department of Homeland Security has urged public- and private-sector workers to patch their systems, be on the lookout for abnormal activity and ensure machines have properly configured firewalls.

But the added wrinkle is that many remote workers may turn to their own computers, email and file-sharing accounts in a pinch, said Paul Martini, chief executive at iboss Inc., a cloud security firm. Often accessed through the public internet, those private tools increase the surface area for attacks and make successful data breaches more difficult for intrusion-detection tools and cybersecurity teams to see.

“My suspicion is we’re going to see a big uptick in terms of the amount of data on these public, information-sharing sites that shows up on the dark web,” Mr. Martini said.

Write to David Uberti at david.uberti@wsj.com

Copyright ©2019 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

Join Wall Street Journal For Just $1
Credit: WSJ.com



- Advertisement -

Popular

FCC Moves to Boost Wi-Fi Speed

WASHINGTON—Federal regulators are moving to make changes in the allocation of public airwaves to boost the speed of Wi-Fi networks, but at the possible...

TikTok Numbers Soar Now That Everybody Is At Home Trying To Get Famous

With people stuck at home self-isolating, TikTok has seen a spike in users and downloads as more people try to get their videos to...

More Articles Like This

- Advertisement -