Intelligent CISO Issue 31 | Page 29

Aggressive hackers also make the point of searching for and destroying backup data , to force the victim ’ s company to pay the ransom . editor ’ s question
Thanks to the rush to work from home , now a hacker can compromise a home network ( a much easier target ) and use this as a springboard into the corporate network .
LINUS CHANG , FOUNDER
AND CEO OF BACKUPASSIST
ur biggest concern is the post compromise ransomware attack , which has been made easier thanks to work from home ( WFH ). This is where a successful hacking attack allows a cybercriminal to install ransomware onto a business network to monetise their exploit .

O

?

Prior to 2020 , a hacker would need to compromise a corporate network in order to launch this kind of devastating attack . Penetrating a corporate network , with sophisticated security and firewalls , is non-trivial .
But thanks to the rush to work from home , now a hacker can compromise a home network ( a much easier target ) and use this as a springboard into the corporate network .
With work from home now the norm , millions of employees are using homegrade hardware to perform work duties .
Many will use VPNs ; others use a remote desktop tool or access cloud services .
Worryingly , their home-grade networks are not protected by enterprise-grade firewalls ; instead , security is basic at best and many people leave default passwords on their equipment . Also connected to the home network are machines of other family members – like a laptop owned by their high schooler ,

Aggressive hackers also make the point of searching for and destroying backup data , to force the victim ’ s company to pay the ransom . editor ’ s question

Thanks to the rush to work from home , now a hacker can compromise a home network ( a much easier target ) and use this as a springboard into the corporate network .

or a tablet used by a child . Perhaps there are IoT devices like smart home assistants , fridges or TVs .
Any single vulnerability in these devices can result in the home network being penetrated and , after that , the compromised home network is a convenient springboard to the workplace network . Once they have infiltrated the corporate environment , the hacker can install backdoors that are nearly impossible to detect and then unleash ransomware on the corporate environment . Aggressive hackers also make the point of searching for and destroying backup data , to force the victim ’ s company to pay the ransom .
These risks demonstrate how important it is to keep good backups and protect them with the right tools and security .
The safest form of backup is an offsite , offline backup – I ’ ve never seen a hacker attack a hard drive that ’ s disconnected from a machine . www . intelligentciso . com | Issue 31
29