Thursday, May 8, 2025

Don’t Become a COVID-19 Identity Exploit Statistic


Hackers love chaos because it presents new opportunities for exploitation, and COVID-19 is no exception. Companies everywhere have rushed to provide work-from-home remote access so that employees can shelter in place.

This confusion gives criminals the perfect set of ingredients needed for a successful hacking recipe.

Krebs On Security reported on a scheme based on a legitimate interactive dashboard of Coronavirus infections produced by Johns Hopkins University.


A Russian-language cybercrime forum is using this to sell a $200 kit for use in phishing emails. When unsuspecting victims click on a fake map, they are infected with password-stealing malware.

It’s certainly interesting to read about these scams that use tools like AZORult to steal credentials. However, this is just your standard phishing attack.

A bad guy sends you an email; if they are good, it piques your interest, you get tricked into clicking on something, and they steal from you. The obvious moral of this story: be careful what you click.

This article opened by saying that COVID-19 presents new opportunities to exploit as it relates to work from home. The new opportunity is the massive increase in work-from-home employees using remote access technologies. This creates a big security hole, as both workers and IT are working with new processes.

Remote access is nothing new for your average IT person, but rolling out a work-from-home strategy to the entire workforce in a week is.

Complicating matters, most workers have never worked from home.

Common everyday tools like email, phone and the software used to manage customers just work differently when you are not sitting at your everyday desk. Every work-from-home user can attest to this.

Work-from-home access is most commonly provided using a combination of three methods:

  • VPN access
  • Web applications
  • Laptops and virtual desktops

All companies have firewalls that can provide VPN (virtual private network) access. Simply purchase licenses, have users install a special client or go to a URL like vpn.yourcompany.com, and workers have access to the network.

The beauty of cloud apps like Office365, Salesforce, Dropbox, etc. is they can be accessed from anywhere. Go to the website and workers are ready to do their job.

There are also countless legacy apps that need to be installed on an actual Windows or Mac operating system.

Shipping home a laptop is a very logical thought; that's what they were made for. Saving the cost of a laptop is a perfect use case for VDI (virtual desktop infrastructure) solutions from Microsoft, Google, VMware, Citrix, AWS, etc., which provide web browser access to a desktop.

These are all great solutions and are quick and easy. Each has security concerns but there is a massive commonality across all of them.

Full access to corporate data is granted from anywhere and ONLY protected by a password.

To make matters worse, outside of the laptop, workers are accessing from a home machine that is questionably secure at best – meaning there is probably malware on it stealing passwords.

By far the best way to ensure that only the right person is accessing these resources is the use of MFA (multi-factor authentication).

In addition to a username and password, an additional factor of authentication such as a mobile app push notification, text message, email or phone call is used. This measure alone makes all of the stolen, weak and default passwords outlined by Verizon DBIR as the number 1 method of attack almost worthless.

While a seemingly commonsense measure, MFA is often overlooked. While many small and mid-sized companies often lack strong security programs, that is not an excuse. Adding MFA as COVID-19 spikes demand for remote access needs to be the top security priority. Hackers will quickly discover those vulnerable and will strike.
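To see where that priority applies, the sketch below audits sign-in events across the three access methods named above and reports accounts that logged in successfully without a second factor. It is an added example, not code from the article or from any vendor; the JSON event schema, channel names and factor labels are assumptions, and the sample events are constructed.

```python
import json
from collections import defaultdict

# Constructed sample sign-in events; the schema is hypothetical, not a real product's log format.
SAMPLE_EVENTS = """\
{"user": "alice", "channel": "vpn", "result": "success", "factors": ["password", "push"]}
{"user": "bob", "channel": "vpn", "result": "success", "factors": ["password"]}
{"user": "bob", "channel": "webapp", "result": "success", "factors": ["password"]}
{"user": "carol", "channel": "vdi", "result": "failure", "factors": ["password"]}
{"user": "carol", "channel": "vdi", "result": "success", "factors": ["password", "sms"]}
{"user": "dave", "channel": "webapp", "result": "success", "factors": ["password", "password"]}
{"user": "erin", "channel": "vdi", "result": "success", "factors": []}
not-json garbage line
"""

# Second factors the article lists (labels are assumed names for them).
SECOND_FACTORS = {"push", "sms", "email", "phone_call"}


def password_only_logins(log_text):
    """Return ({channel: sorted users lacking a second factor}, unparsable line count)."""
    findings = defaultdict(set)
    skipped = 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            skipped += 1
            continue
        if not isinstance(event, dict):
            skipped += 1
            continue
        # Only successful logins matter: a failed attempt granted no access.
        if event.get("result") != "success":
            continue
        # A set collapses repeats, so entering the password twice is not MFA.
        factors = set(event.get("factors") or [])
        if not factors & SECOND_FACTORS:
            findings[event.get("channel", "unknown")].add(event.get("user", "unknown"))
    return {channel: sorted(users) for channel, users in findings.items()}, skipped


if __name__ == "__main__":
    report, skipped = password_only_logins(SAMPLE_EVENTS)
    for channel, users in sorted(report.items()):
        print(f"{channel}: no second factor for {', '.join(users)}")
    print(f"unparsable lines skipped: {skipped}")
```

Accounts with no recorded factors at all are reported too, since a missing factor list cannot be treated as proof of MFA.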

Author: Brian Krause

Brian leads Idaptive’s Channels Team. He spends his time working with IT leaders and technology partners to build identity practices, to serve the complex needs of a rapidly transforming business environment.
