How COVID-19 Response Is Expanding the Cyberattack Surface

As organizations of all sizes respond to the COVID-19 pandemic by enabling vast numbers of employees to work from home, cybersecurity leaders are facing a sudden expansion of the attack surface. In addition to helping employees avoid falling prey to the plethora of coronavirus-related malware campaigns and scams currently circulating, organizations would do well to closely monitor the tools being used to enable a suddenly remote workforce. This post is intended to provide guidance for security teams, sysadmins and end users alike about the VPNs, SMTP servers, Windows Remote Desktop Protocols, browsers and routers working overtime to keep organizations up and running.

Managing risks with a distributed workforce can be tricky, and threat actors will continue to be a constant challenge for organizations with remote workers. From remote connections over a corporate VPN to the added risk of employees at home, there’s a lot of ground to cover. Staying informed about your organization’s threat landscape can help you stay ahead of emergent threats and cyber risks. A list of Tenable plugins to identify the vulnerabilities highlighted in this blog post is available here. For guidance on specific vulnerabilities, reference the linked articles below.

For more detailed technical information, please see our blog.