The Computer Emergency Response Team of India (CERT-In) has warned of intensified cyber-attack threats including social engineering hits on the virtual private networks (VPN) used by the organisations for promoting work from home (WFH).
This comes in the wake of nationwide lockdown to fight the COVID-19 outbreak wherein companies across the globe have promoted WFH.
CERT-In warned in a fresh advisory about social engineering attacks in which fraudsters could pose as a legitimate organisation and send emails to obtain confidential personal or organisational information.
Therefore, to fight the cyber- attacks, the agency has suggested the organisations to set up a program in collaboration with their IT workers to protect the VPN service. This will preserve business confidentiality, credibility and availability. Additionally, the organisations should also raise awareness among their employees about increased phishing attempts.
CERT-In has also suggested some counter-measures and best practices for using VPNs, including increased monitoring of illegal activity using log review, prompt identification of attacks and reaction to incidents.
Further, it has guided the organisations to test their systems for attacks on VPN servers in support of distributed denial of service (DDoS). In this, a cybercriminal blocks the online system’s operation to the intended customer by creating a malicious activity.
It recommended multi-factor authentication (MFA) to use VPN accounts to prevent any suspicious behaviour during WFH and organisations to allow an MFA solution on all VPN accounts to enhance data protection. CERT-In adds that in case MFA cannot be enforced, employees should be recommended to use strong passwords to block any account takeover attacks.