Fake collaboration apps are stealing data as staff struggle with home-working security

Cyber criminals know that working from home can provide them with an easier way into corporate networks - resulting in a rise in attacks targeting remote devices.
Written by Danny Palmer, Senior Writer

There's been a significant rise in organisations encountering malware attacks on remote devices over the course of the past year as employees have been forced to work from home.

The ongoing coronavirus pandemic has resulted in more remote working than ever before and both organisations and employees have had to quickly adapt to this new environment and the additional challenges that come with it.

One of those challenges is cyber criminals attempting to take advantage of remote workers' insecure PCs as an entry point into corporate networks.

SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)

As a result of this, there's been a rise in malware attacks targeting remote workers and, according to cybersecurity company Wandera's Cloud Security Report 2021, over half of organisations – 52% – experienced a malware incident on a remote device. That's up from just 37% of organisations experiencing malware attacks on remote devices during 2019.

In many instances, cyber criminals are taking advantage of known vulnerabilities in software to help deliver malware under the radar, as users struggle with software management and patch installation without the direct aid of a corporate IT team.

Remote workers are tricked into downloading malicious applications from phishing emails that install malware, but they believe they're installing something that will help their productivity.

"More often than not, the offending apps were being downloaded and installed by the remote workers themselves," Michael Covington, VP at Wandera told ZDNet.

"We saw a fairly large number of apps claiming to offer collaboration functionality, though in reality they were designed to steal private information like messaging content or trick the user into granting access to the camera and microphone, thus enabling a remote attacker to eavesdrop".

Worryingly, of those devices compromised by malware, over a third of users continued to access corporate emails while one in ten continued to access cloud services – both potentially providing hackers with much wider access to the network than they'd initially gained by compromising one remote machine.

SEE: Cybersecurity: This 'costly and destructive' malware is the biggest threat to your network

Securing remote employees is proving to be a challenge for information security teams, who themselves are are now also working remotely, making the job even more difficult.

However, engaging with remote employees to provide advice on how to work safely and securely can go a long way to keeping them – and the wider organisation – safe from cyberattacks, something that will be better for everyone in the long run.

"Continuously engaging with workers on the sign-in mechanisms they should use, the incident reporting they should follow, and the applications that are approved for work will help everyone do their part to protect the business and its assets," said Covington.


Editorial standards