Pandemic-Related Rise in Cyber Security Threats

COVID-19 has made organizations more vulnerable to cyber security threats

Cyber security threatThe first Quarter of 2020 wasn’t just a period when COVID-19 started impacting businesses around the world on a massive scale. It also marked a huge surge in cyber-attacks by threat actors who mercilessly took advantage of the pandemic-induced chaos.

In that quarter alone, McAffee Labs observed no less than 375 threats per minute and 458 publicly disclosed security incidents in itsCOVID-19 Threats Report, July 2020. This number of incidents was 41% greater than what it saw in the fourth quarter of 2019. In North America, the jump in incidents from the previous quarter was a whopping 60%.

What threat actors have been up to

As businesses scrambled on a mad rush to roll out work-from-home initiatives and bring a bulk of their operations online, cyber criminals took notice of the rapid increase in vulnerabilities and attack surfaces that were just waiting to be exploited. While IT departments focused on achieving business continuity, many of them simply didn’t have time to put sufficient security controls in place.

The result? A substantial escalation of various types of attack vectors and the emergence of new cybersecurity threats across the board, including:

Many of the attacks took advantage of the general population’s increased activity online. The report revealed that many of the attacks were aimed at cloud solutions as well as Remote Desktop Protocol (RDP), a Windows connection protocol that enables remote workers and IT staff to access corporate resources via the internet.

Since remote work is expected to remain a huge part of the new normal, these attacks won’t be going away soon. Hence, it’s crucial for businesses to employ solutions that can ensure the security of remote work environments. This can be done by using Parallels® Remote Application Server (RAS).

How Parallels RAS secures remote work environments

Parallels RAS is a much safer alternative to accessing corporate resources, like applications and data, from the Internet. Some of its security capabilities include multifactor authentication, encryption protocols, data segregation, and client policies.

Multifactor authentication (MFA)

The most common attacks on RDP involve exploiting weak authentication controls. Some threat actors buy RDP passwords from darknets. This kind of threat can be countered through multifactor authentication so that even if a threat actor gets hold of a user’s password, the threat actor won’t be able to log in without the second (or more) factor(s) of authentication, which can be a text-based one-time password (OTP), a time-based OTP, a secret key or something else, depending on the MFA solution used in tandem with Parallels RAS.

Parallels RAS supports a wide range of MFA options, including Azure MFA, Duo, FortiAuthenticator, TekRADIUS, RADIUS, Deepnet, Google Authenticator or a SafeNet server.

Encryption protocol

Any corporate data accessed through a network, especially one as threat infested as the internet, can be subject to a variety of network-based attacks. One of the most common of these attacks is the man-in-the-middle attack, which enables threat actors to eavesdrop on a connection and steal any sensitive information that passes through (e.g., usernames and passwords).

Parallels RAS mitigates these threats by employing Secure Sockets Layer/Transport Layer Security (SSL/TLS) protocols with Federal Information Processing Standard (FIPS 140-2) protocol encryption. This level of encryption not only prevents man-in-the-middle attacks from succeeding, but it also helps organizations comply with laws and regulations like Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA) and General Data Protection Regulation (GDPR).

Data segregation

Multitenancy environments, like the ones you see in public clouds, are often susceptible to data leaks. Data leaks can be prevented by enforcing strict data segregation mechanisms. Although most major cloud providers already have these types of mechanisms, Parallels RAS adds another layer of protection with its own data segregation feature. In fact, no applications, desktops or data can be shared between sites in a Parallels RAS infrastructure.

Client policies

Client policies are a powerful set of rules that administrators can define to limit what users can configure or do on their Parallels RAS Client. For example, an administrator might want to prohibit a set of users from changing their connection and print settings. Administrators can enforce policies based on Active Directory groups, end-user devices or even a specific user. Policies can be applied on a wide range of settings including connection, display, printing, scanning, keyboard, server authentication and many others.

In addition to these four security controls, Parallels RAS also offers advanced filtering, kiosk mode, smart card authentication, clipboard restriction and Security Assertion Markup Language Single Sign-On (SAML SSO) authentication. These are just some of the many security controls baked into Parallels RAS that can enable organizations to secure their employees’ remote work environments.

Looking for an easy but highly secure way of delivering applications and data to your end-users? Download a 30-day trial of Parallels RAS.


References:

McAffee

Parallels RAS