CERT-In warns Firms about increasing Cyber-Attacks on VPN
On Tuesday, Computer Emergency Response Team of India (CERT-In) warned of increased cyber-attacks, including 'social engineering hits', on virtual private networks (VPN) being used by organizations these days with a plan to facilitate work from home for their employees in view of the nationwide lockdown against the COVID-19 pandemic.
Updated: Apr 15, 2020 16:19 IST
| |CERT-In suggests organizations to stay alert of Cyber-Attacks on VPN
The Federal cyber-agency CERT-In warned about social engineering attacks where cheats pose as genuine back-end support and obtain sensitive data from gullible employees. These particular trends have emerged due to the increase in online activity during the ongoing lockdown to contain the spread of COVID-19.
The coronavirus (COVID-19) pandemic has led many organizations worldwide to restrict their employees from coming to work in the office. The organizations have advised them to maintain social distancing and to continue working from the safe environment of their homes to contain the COVID-19 spread. CERT-In said "Organisations are using enterprise VPNs for communicating through emails, video conferencing and other chat tools. A VPN enables communication through secure online servers using encryption of data."
CERT-In directs measures to be taken
CERT-In directed the organizations to sensitize their employees against increased phishing attempts. The cybercriminals send emails or text messages posing as genuine people and take sensitive information. It has suggested the companies some counter-measures and best practices for using VPNs. It asked then to included increased scrutiny of unauthorized activity using log analysis, detect attacks in a timely manner and respond to incidents.
The companies should check their systems for distributed denial of service (DDoS) attacks on VPN servers. A cybercriminal can block the service of the online system to the intended use by triggering malicious activity. Therefore, it recommended multi-factor authentication (MFA) for using VPN accounts in order to "avoid any unauthorized activity during work from home, organizations should enable an MFA solution on all VPN accounts leading to better data security".
The agency also reiterated that the latest software patches should be used and advanced security configurations deployed in order to keep the VPN safe.