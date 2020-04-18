SAN FRANCISCO: Hacking activity against corporations in the United States and other countries more than doubled on some measures last month when digital thieves took advantage of security weakened by the home work pandemic policies, the researchers said.

Corporate security teams have a harder time protecting data when it is dispersed on home computers with very different configurations and on remotely connected company machines, experts said.

Even remote workers using virtual private networks (VPNs), which establish secure tunnels for digital traffic, are adding to the problem, officials and researchers said.

Security and software company VMware Carbon Black said this week that the ransomware attacks it monitored increased 148% in March from the previous month, as governments around the world slowed down the movement to curb the new coronavirus, which has killed more than 130,000.

"A digital historical event is taking place at the bottom of this pandemic, and a cybercrime pandemic is occurring," said VMware cybersecurity strategist Tom Kellermann.

"It is easier, frankly, to hack a remote user than someone sitting within your corporate environment. VPNs are not bulletproof, they are not the most important thing."

Using data from the American team Cymru, which has sensors with access to millions of networks, researchers at Arctic Security in Finland found that the number of networks experiencing malicious activity was more than double in March in the United States and in many European countries in Compared to January, shortly after the virus was first reported in China

The biggest jump in volume came when computers responded to scans when they shouldn't have. Such scans often look for vulnerable software that allows for deeper attacks.

The researchers plan to publish their findings country by country next week.

Rules for secure communication, such as banning connections to disreputable web addresses, tend to apply less when users take computers home, said analyst Lari Huttunen of Arctic.

That means that previously secure networks can be exposed. In many cases, corporate firewalls and security policies had protected machines that had been infected by viruses or targeted malware, he said. Outside of the office, that protection can snap off, allowing infected machines to communicate again with the original hackers.

That has been exacerbated because the sharp increase in VPN volume led some stressed technology departments to allow less stringent security policies.

"Everyone is trying to maintain these connections, and security controls or filtering are not maintained at these levels," said Huttunen.

The cybersecurity agency of the United States Department of Homeland Security (DHS) agreed this week that VPNs bring with them a number of new problems.

"As organizations use VPNs for teleworking, malicious cybercriminals find and attack more vulnerabilities," the DHS Cybersecurity and Infrastructure Agency wrote.

The agency said it is more difficult to keep VPNs up-to-date with security fixes because they are used around the clock, rather than at a time that allows for routine installations during daily starts or stops.

Even vigilant home users can have problems with VPNs. The DHS agency said Thursday that some hackers who broke into VPNs provided by San Jose-based Pulse Secure before the patches were available a year ago had used other programs to maintain that access.

Other security experts said financially motivated hackers used pandemic fears as bait and restructured existing malware such as ransomware, which encrypts a target's data and demands payment for its launch.

