Today I discuss an attack vector conducive to cross-organizational spread, in-home local propagation. Though often overlooked, this vector is especially relevant today, as many corporate employees remain working from home.
In this post, I contrast in-home local propagation with traditional vectors through which a threat (ransomware in particular) spreads throughout an organization. I discuss the reasons this type of spread is problematic for employees and corporations alike. Finally, I offer simple solutions to mitigate the risk of such tactics.
Why Should IT and Security Stakeholders Care?
Today’s long cycle attacks are often reconnoitering the victim environment for weeks, if not months. In this time, the attacker gains a tremendous amount of knowledge about systems in the victim’s footprint. This additional loiter time in the victim’s environment, coupled with ad-hoc maintained work-from-home environments, presents both an ingress avenue for attacks into their network as well as an egress avenue for attack out of your network into your employees’ personal devices.
- Traditional Spread — For some time in 2020, even with a shift to WFH, ransomware…