Security Bulletin Archive

May 2021: The Downside of Work-From-Home Initiatives

Because many corporate networks have been opened up to a greater extent to allow remote and home working, there has been a significant increase in attempts to hack into organisation's networks throughout 2020 and 2021. As a result, we've beefed up the security for our client's networks, making sure virus signatures are fully up to date, machines were fully patched, firewalls are on and file versioned backups are available at all times. We also made passwords stronger and introduced more secure ways of getting passwords to users. In some cases we modified VPNs so more secure protocols and stronger passwords were used.

We detected many of these attempts were coming from the same blocks of IP addresses ranges (mostly in Russia) so these ranges were blocked at internet level so they couldn't reach our clients networks, although we remain vigilant as new IP ranges could be used. After doing this we saw a big decrease in these more persistent hack attempts. Most concerning is that it appeared the intentions of hackers was to encrypt company data once they had gained access to the network so they could demand large ransoms from businesses to decrypt it. Our message to our clients throughout the lockdown and today is to always be vigilant for phishing emails that contain URLs to unsecured websites that may have threats embedded in them as these are still the favoured method internet criminals use to try to gain access to company networks and the data stored on them. We also implemented Microsoft's Safe Links and ESET's Cloud Office 365 Security for some clients who were particularly concerned about these threats. Also, it is vital to ensure you have full sets of backups with file versioning so you are able to restore form prior dates to ransomware attacks.

If you would like more information on securing your network, please contact us on 01603 340095.

call 01603 340095 or email your enquiry below: