CERT-In issues warning on cyberattack threats on VPN, also suggests methods to tackle it

Updated: Apr 15, 2020 5:54 PM


Federal security agency CERT-In on Tuesday warned of intensified cyber-attacks, including “social engineering hits”, on the virtual private networks (VPNs) that organizations are using these days to facilitate work from home for their workers in view of the nationwide lockdown to fight the COVID-19 outbreak.

The Computer Emergency Response Team of India (CERT-In) warned in a fresh advisory about social engineering attacks in which cheats pose as legitimate back-end support and capture confidential data from gullible employees.

The security agency has said that the coronavirus pandemic has prompted many companies around the world to keep their workers from coming to the office and to encourage them to maintain social isolation and continue to work from the safety of their homes. Companies use corporate VPNs to connect through email, video conferencing and other communication tools. A VPN allows communication through secure online servers using data encryption. With a large number of organizations using VPNs for business continuity, it said, attackers are seeking vulnerabilities to use in various cyber attacks that threaten organizations.

Therefore, the agency suggests that organizations set up a program in collaboration with their IT workers to protect the VPN service and so preserve business confidentiality, credibility and availability. It also suggested that organizations should raise awareness among their employees about increased phishing attempts, in which cybercriminals send emails or text messages posing as legitimate individuals to obtain sensitive information.

The agency also warned of social engineering attacks during pandemics such as COVID-19. Employees need to be alerted to these attacks, in which fraudsters could pose as a legitimate organization and send emails to obtain confidential personal or organizational information, the cybersecurity agency suggested.

It also suggested some counter-measures and best practices for using VPNs, including increased monitoring for illegal activity through log review, prompt identification of attacks and response to incidents.

Organizations should also test their systems against distributed denial of service (DDoS) attacks on VPN servers. In such an attack, a cybercriminal uses malicious activity to make the online system unavailable to its intended users.

It recommended multi-factor authentication (MFA) for VPN accounts to prevent any suspicious behaviour during work from home, saying organisations should enable an MFA solution on all VPN accounts to enhance data protection. If MFA cannot be enforced, employees should be advised to use strong passwords to block any account takeover attacks. The department has reiterated that “the latest software fixes” and improved protections should be used.
