
VSEC Blog: IT Security Channel News brought to you by Infinigate UK


How to Secure Your Remote Access from the Changing Threat Landscape

Topics: IT Security, COVID-19, Remote Work, Remote Workforce

Posted: 07 April 2020


As COVID-19 spreads and major cities go into lockdown, more and more businesses are sending employees home to work remotely. The need for social distancing has become very real very quickly and has seen companies scrambling to implement remote access solutions as quickly as possible.

In the last few days alone Infinigate UK have seen a 1496% increase in sales of SonicWALL SMA (Secure Mobile Access) units, endpoint protection and SSL-VPN user licenses. What was once a slow-growth working trend has now become a must-have for many companies to ensure they survive during these trying times.


The Fear Factor

Although we have the technology to allow for fluid perimeter protection at our disposal, implementing such a large migration at such a pace has inherent risks, especially for industries that have little or no experience of a remote workforce, such as government, legal, insurance and healthcare. Users are moving from secure enterprise networks, which have security teams and various technologies monitoring and protecting them, to home networks with minimal, if any, security during a time of heightened fear within society.

This fear gives threat actors a huge opportunity. In a very short period of time there have already been multiple reports of malware campaigns themed around COVID-19. One of these takes the form of a phishing email containing a compromised PDF that claims to contain Coronavirus safety measures. The file has been found to be an obfuscated Remcos RAT trojan, which works alongside a VBS script that executes the malware. Once executed, the malware starts capturing keystrokes and logs them in a .dat file in a temporary \onedriv folder, which is then exfiltrated to its C&C server. The malware also ensures its continued execution, even after a computer restart, by adding a registry key at HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce, enabling continued theft of user information.
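The two host artefacts described above (a RunOnce value under HKCU and a .dat file in an \onedriv folder under Temp) can be hunted for in endpoint telemetry. The following is an added example, not code from the original post: it assumes Sysmon-style registry (event 13) and file-create (event 11) records already parsed into dicts; the `Host` field, the exact Temp path layout and the "user-writable target" heuristic are assumptions, and the sample events are constructed.

```python
import re

# Indicators from the write-up: the HKCU RunOnce persistence key and keystroke
# logs written as .dat files in an "\onedriv" folder under Temp.
# Sysmon reports HKCU as HKU\<user SID>, so both spellings are accepted.
RUNONCE = re.compile(
    r"^(HKCU|HKU\\S-1-5-21-[\d-]+)\\Software\\Microsoft\\Windows"
    r"\\CurrentVersion\\RunOnce\\", re.I)
KEYLOG = re.compile(r"\\Temp\\onedriv\\[^\\]+\.dat$", re.I)  # path layout assumed
# Assumption: a RunOnce value that launches from a user-writable path or via a
# script host is worth an analyst's attention; installers in Program Files are not.
SUSPECT_TARGET = re.compile(
    r"\\(AppData|Temp)\\|\b(wscript|cscript)(\.exe)?\b|\.vbs\b", re.I)

def triage(events):
    """Return (host, reason, detail) findings for Sysmon-style event dicts."""
    findings = []
    for ev in events:
        if ev["EventID"] == 13 and RUNONCE.match(ev["TargetObject"]):
            if SUSPECT_TARGET.search(ev["Details"]):
                findings.append((ev["Host"], "runonce-user-writable", ev["Details"]))
        elif ev["EventID"] == 11 and KEYLOG.search(ev["TargetFilename"]):
            findings.append((ev["Host"], "dat-in-onedriv-temp", ev["TargetFilename"]))
    return findings

def hosts_with_both(findings):
    """Hosts showing both behaviours: higher confidence than either alone."""
    by_host = {}
    for host, reason, _ in findings:
        by_host.setdefault(host, set()).add(reason)
    return sorted(h for h, reasons in by_host.items() if len(reasons) == 2)

# Constructed sample events (not taken from any real incident).
SAMPLE = [
    {"Host": "WS-014", "EventID": 13,
     "TargetObject": r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\Updater",
     "Details": r"wscript.exe C:\Users\alice\AppData\Local\Temp\start.vbs"},
    {"Host": "WS-014", "EventID": 11,
     "TargetFilename": r"C:\Users\alice\AppData\Local\Temp\onedriv\logs.dat"},
    {"Host": "WS-022", "EventID": 13,
     "TargetObject": r"HKU\S-1-5-21-1111-2222-3333-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\Setup",
     "Details": r"C:\Program Files\Vendor\setup.exe /finish"},
    {"Host": "WS-022", "EventID": 11,
     "TargetFilename": r"C:\Users\bob\Documents\report.dat"},
]

if __name__ == "__main__":
    print(hosts_with_both(triage(SAMPLE)))
```

Legitimate installers also use RunOnce, which is why the example flags only values that launch from user-writable paths and ranks hosts showing both artefacts highest.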

 

Another phishing-based attack reported was a Microsoft Office document which appeared to have been sent from the Ministry of Health of the People’s Republic of China. The document contains malicious macros and is designed to drop a backdoor onto the host, which then starts keylogging and has the ability to take screenshots and capture any data stored in the clipboard.

Reinforcement

With the sudden change in the work environment as a result of the ongoing pandemic, users are in a very vulnerable position from a cyber security standpoint. Working from home can lead to a more relaxed mindset to both work processes and security practices. The media are highlighting ways to help people adjust, with suggestions on how to maintain an effective work practice whilst based at home. This is great, but we also need to re-focus our security policies and practices, by instilling a heightened awareness that encourages users to be extra vigilant and aware of the aforementioned tactics currently being used.


Key Takeaways

Here are 6 simple steps you can take to ensure you stay secure during these trying times:

  1. Implement a secure access solution, preferably SSL based with a restricted role-based access portal.
  2. Implement Multi-Factor Authentication (MFA).
  3. Ensure all endpoint protection software is running and up to date on existing and newly deployed endpoints.
  4. Limit remote access to must-have resources; limit exposure!
  5. Remove local admin rights on all endpoints.
  6. Reinforce IT security best practice and highlight the current COVID-19 based phishing attacks.

Posted by: Dion Phillips
Senior Technical Consultant, Infinigate UK