Hackers Attacking Companies Through Employee Online Activities

Special Correspondent

🎙️ Voice is AI-generated. Inconsistencies may occur.

Since the onset of the pandemic, the FBI has seen cyberattacks jump by at least 300%. As the office space entered the home, more workers became lax with their cyber precautions.

Twenty percent of U.S. companies reported a security breach tied to a remote worker, according to a report by Malwarebytes.

Notorius Hacker Advertized SolarWinds Access

"A report conducted by Code42 found that since the pandemic's onset six out of 10 IT security leaders cited their remote workforce as the cause of a data breach." tommaso79/Getty

The May attack on the Colonial Pipeline is believed to have originated through the compromising of an employee password that allowed hackers to infiltrate company accounts.

Last year's attack on SolarWinds involved the compromising of company email accounts, as noted in a blogpost by SolarWinds CEO Sudhakar Ramakrishna reported by CRN, a computer trade magazine, in an article titled SolarWinds CEO Confirms Office 365 Email 'Compromise' Played Role In Broad-Based Attack.

"We've confirmed that a SolarWinds email account was compromised and used to programmatically access accounts of targeted SolarWinds personnel in business and technical roles, " Ramakrishna said. "By compromising credentials of SolarWinds employees, the threat actors were able to gain access to and exploit our Orion development environment."

This method continues to serve as a hacking model, with Nobelium, the Russian group responsible for the SolarWinds attack, targeting more than 150 other organizations using malicious email downloads.

Coordinated efforts to compromise a company's security by the targeting of individual accounts won't go away. However, as the lines between home life and work life blur as more employees work from home, hackers are finding it easier to get at the companies that employ them.

"A lot of people are beginning to bleed home work with work work in such a way that they're using their work laptop at home to do things like stream movies or download games," Joe Payne, CEO of Code42, a cybersecurity company, told Newsweek. "Anytime you download anything from the internet there's an increased risk of downloading some malware, some kind of virus, etcetera, particularly when you're doing illegal things."

Highly publicized pay-per-view sporting events consistently generate tongue-in-cheek conversations around illegal streaming options on social media platforms like Twitter. Triller, a video sharing company that's hosted pay-per-view boxes bouts, believes some 2 million people streamed the fight between Jake Paul and Ben Askren illegally.

"Anytime you download anything from the internet there's an increased risk of downloading some malware, some kind of virus, etcetera, particularly when you're doing illegal things," Joe Payne, CEO of Code42, told Newsweek. Code42

Payne said downloads from these websites work by "cracking a door into your computer" where they take advantage of vulnerabilities within the computer's operating system to extract information. This can lead to sensitive, private information being stolen from the user's computer which can be held for ransom.

If these attacks happen on a personal computer, the attack may be confined to the devices on the user's network. Yet, if the user's work computer is on that network, the attack can span across one's entire company.

Payne said the phenomenon of "island hopping" allows hackers to move between devices to hack a company. He said once a bad actor enters a network, they can hunt through other devices within the company.

As they move through, they can use coding to grant themselves higher company privilege levels, allowing them to potentially gain access to the information stored within the devices of a company's CEO.

President Joe Biden and Russian President Putin

Last month, President Joe Biden took steps to protect against these attacks through an executive order aimed to improve the nation's cybersecurity. Here, President Biden and Russian President Vladimir Putin shake hands prior to discussing... Peter Klaunzer—Pool/Keystone via Getty Images

A report conducted by Code42 on data exposure found that since the onset of the COVID-19 pandemic, that six out of 10 IT security leaders cited their remote workforce as the cause of a data breach. Over the past year, 76% of these leaders experienced one or more data breach with nearly 40% of those attributed to employee carelessness.

Last month, President Biden took steps to protect against these attacks through an executive order aimed to improve the nation's cybersecurity by removing barriers to information sharing between the public and private sectors, establishing a cybersecurity safety review board, and boosting the cybersecurity standards of the federal government, among other things.

While these actions represent a step in the right direction, hackers across the world continue to refine their craft. And with enterprise criminal hacking raking in an estimated $1.5 trillion annually through their attacks, companies do not have the luxury of having their employees learn the significance of the threat by making a mistake.

"Try to keep your work and your personal life separate when you're on your computer, even if you're at home and even if you're working from your desk," Payne said. "Think of antivirus software as medicine, which if you infect yourself may help, but just don't infect yourself in the first place."

Correction 7/2/21 7:25 EST: This article was updated to include quotes from SolarWinds CEO Sudhakar Ramakrishna describing the methods used by hackers to "gain access and exploit [the] Orion development environment." We regret any confusion that may have been caused by our previous description of Mr. Ramakrishna's remarks.