Endpoints: The New Front Line in the Battle Between Good & Evil
As one might expect, cybersecurity experts are reporting a clear and significant uptick in COVID-19-related cyberattacks over the last month, from authentic-looking phishing emails to DDoS onslaughts against major health organizations.
One way in which hackers are looking to gain access to sensitive data is via ‘endpoints.’ These are the devices and portals used by employees to do their work, which include cell phones, tablets, laptops, desktop computers and even connected IoT devices.
Shamrock Consulting Group is determined to help businesses shore up their defenses, including their endpoint protection. Read on to find out how we’re doing it.
Hackers LOVE Targeting Endpoints
There are two main reasons why cybercriminals are turning their attention towards endpoints en masse.
First, endpoints are more easily breached. Networks tend to have solid security systems in place and are pretty zero-touch (no human error!). In contrast, endpoints are where humans and machines intermingle. All it takes is a clever phishing email or an infected app installation targeted at some unassuming user’s endpoint, and the hacker is in.
Second, the COVID-19 outbreak has led to a booming remote workforce, and thus a corresponding explosion in the number of endpoints connecting into company networks from outside the company perimeter. This massive shift in the security landscape (for the worse) is like honey to a bear when it comes to criminals looking to make a quick buck or wreak havoc on a weakened society.
Companies need to take these adaptations seriously and introduce measures to reduce exposure and mitigate damage by preventing an escalation of privileges in the event that a device is breached.
Reducing your endpoint attack surface while limiting the impact of endpoint breaches is often termed ‘endpoint hardening.’ Below are two of the most effective ways in which you can immediately trip up any would-be attackers.
Put Your Apps in Isolation
Quick show of hands for those who regularly check in with some kind of COVID-19 heat map to find out how the disease is spreading, number of active cases, fatalities etc…
Anyone? No one?? Bueller?!?
Actually, a lot of you probably do, it’s just tough to get an exact count through my keyboard.
Point is, it’s human nature to want to stay informed, especially when it comes to an event of this magnitude. Cybercriminals are aware of this need, too, and they’ve tapped into it by creating uber-authentic looking COVID-19 heat map apps. One such app was linked to a recent ransomware scam (COVIDLock), with victims instructed to hand over Bitcoins in order to keep their data from being deleted. Falling for this hack would be bad enough if you accessed it on a private device, but what if sensitive corporate data is also being held on that same device?
Apple and Google have both responded swiftly by clamping down on COVID-related apps, but it only takes one compromised app to slip through the net to cause serious problems.
How do you protect an employee’s device from a rogue app like this? What’s more, how do you even know if an employee’s cell phone or laptop isn’t already teeming with malware eagerly waiting to snoop around your corporate network as soon as the infected user connects into your network?
The best solution is to commission specific work-only devices for your remote workforce and to remove all unnecessary apps and features. This goes beyond a simple factory reset, as you also need to remove pre-installed apps. Once completed, you can then install only the enterprise-grade apps your employees need in order to do their individual jobs, and ban them from downloading any other apps onto their device.
If you don’t have the resources to supply every remote worker with a company device, you will need to ensure that your endpoint protection solution includes app isolation technology. This will shield important apps from danger while ‘whitelisting’ a select list of supported apps. It will also alert users if they inadvertently download a dodgy app like the COVID-19 heat map discussed above.
Patch Hygiene: The IT Equivalent of Washing Your Hands
Another reason why hackers are sniffing around endpoints is because they know that remote working has made patch management, well, kind of patchy.
Applying updates and patches is a reasonably easy task when all devices are permanently logged into well-defended corporate networks. But when devices are only connecting in sporadically, as is the case with fully remote workforces, updates can be missed, leaving software vulnerable.
The recent ransomware attack on the computer systems of Hammersmith Medicines Research is believed to have been carried out using an exploit kit against a known vulnerability.
To defend against similar attacks, businesses need a patch management system as part of their endpoint hardening strategy. You also need a solution that offers powerful endpoint visibility. This will ensure that the update status of every endpoint in your network is known, including those that are rarely connected. As a bonus, you’ll also have the ability to take inventory of all endpoints and spot any unauthorized ‘shadow IT’ devices that may be hiding out and waiting to strike.
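To make the visibility point concrete, here is an added example (not Shamrock's or any vendor's code) of the audit such a system performs: it sorts managed endpoints into current, unpatched and stale, and flags devices seen connecting that are not in the inventory. The device IDs, field names, patch-level format and the 14-day silence threshold are all assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample data: what endpoint agents last reported.
INVENTORY = {
    "LT-0141": {"last_checkin": "2020-04-28T09:12:00", "patch_level": "2020-04"},
    "LT-0377": {"last_checkin": "2020-04-27T17:40:00", "patch_level": "2020-02"},
    "PH-0062": {"last_checkin": "2020-03-30T08:05:00", "patch_level": "2020-03"},
    "TB-0019": {"last_checkin": "2020-04-10T11:30:00", "patch_level": "2020-04"},
}
# Constructed sample data: device IDs seen connecting in from outside.
SEEN_ON_VPN = ["LT-0141", "LT-0377", "UNKNOWN-7f3a", "TB-0019"]


def audit_endpoints(inventory, seen_ids, now, required_patch, max_silence_days=14):
    """Classify every managed endpoint and list unmanaged ones.

    A device that has not checked in recently is reported as 'stale'
    whatever patch level it last claimed: its real state is unknown,
    which is the gap sporadically connected devices create.
    """
    findings = {"current": [], "unpatched": [], "stale": [], "shadow_it": []}
    for device_id, record in sorted(inventory.items()):
        last_seen = datetime.fromisoformat(record["last_checkin"])
        if now - last_seen > timedelta(days=max_silence_days):
            findings["stale"].append(device_id)
        elif record["patch_level"] < required_patch:  # "YYYY-MM" sorts as text
            findings["unpatched"].append(device_id)
        else:
            findings["current"].append(device_id)
    # Anything connecting that the inventory has never heard of.
    findings["shadow_it"] = sorted(set(seen_ids) - set(inventory))
    return findings


if __name__ == "__main__":
    report = audit_endpoints(
        INVENTORY, SEEN_ON_VPN,
        now=datetime(2020, 4, 30), required_patch="2020-04",
    )
    for category, devices in report.items():
        print(f"{category:10s} {devices}")
```

TB-0019 shows why the stale check comes first: it last reported the required patch level, but it has been silent for 20 days while still appearing on the VPN, so its status needs re-verifying rather than trusting.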
Get the Best Endpoint Solution for Your Business with Shamrock
It isn’t just the hacker community who have started showing increased interest in endpoints. Endpoint security vendors have also been busy, rolling out feature-rich products and multi-layer endpoint agents that claim to protect devices from every threat under the sun, even if they don’t.
To help you navigate this growing minefield, Shamrock has carefully vetted all the top endpoint security players in the market, and we can advise you on which of our top-tier partners deliver a solution that’s best suited for your business.