Remote working, e-learning: ‘A playground for hackers’

A Purdue cybersecurity expert says hackers are taking advantage of COVID-19 via people working remotely. (image courtesy: Clint Patterson/Unsplash)

WEST LAFAYETTE, Ind. (Inside INdiana Business) — While a lot of attention has been placed on good personal hygiene to prevent the spread of the coronavirus, a Purdue University expert in cyber forensics says good cybersecurity hygiene is critical as more employees work out of their homes.

Professor Marc Rogers warns unscrupulous hackers will take advantage of crises, like the coronavirus pandemic, by breaking into company operations with weaker security systems and defrauding people of personal, sensitive information.

“Criminals will use the crisis to scam people for money, account information and more. With more people working from home, people need to make sure they are practicing good cybersecurity hygiene, just like they would at work,” said Rogers.

Companies, school districts and universities are taking unprecedented steps in the wake of COVID-19 by telling employees to work remotely and for students to work online from home.

“A lot of major companies and schools made everybody go home happened literally within days. And that just wasn’t enough time even for the companies to really do what they should have done to make sure that everybody has that level of security on their home systems with laptops that they should be.”

Rogers says there are potentially significant cybersecurity hazards from large numbers of the workforce operating out of their homes.

“This strategy to move to the online cyber and virtual realm, at least in the interim, is happening with no real thought about the cybersecurity implications,” said Rogers in an opinion article for The Hill, a Washington D.C.-based political newspaper.

Purdue says Rogers has almost 25 years of experience in public- and private-sector consulting in the area of information technology security, and has consulted for the military, law enforcement and some of the largest financial and health care providers in the world

Rogers says cyberattacks have already occurred within the federal government, including an attempted online break-in of the U.S. Department of Health and Human Services, as it responds to the coronavirus pandemic.

“Scammers are sending fake emails and setting up fake COVID-19 health information websites, trying to phish user IDs and passwords,” wrote Rogers.

He says other cybercriminals are pretending to raise money to assist with replacement lunch programs for students or the isolated elderly.

“No one should be surprised to see a jump in cyber-criminal activity, as these people are opportunistic. We find ourselves in the perfect storm for cyberattacks.”

Rogers says since networks will now be extended to homes during this time, similar cybersecurity policies, practices and standards that someone would adhere to if they were physically sitting at work or school need to apply.

He thinks K-12 school systems that haven’t used e-learning methods on a wide scale are highly vulnerable.

“They’re not business per se, their job is education. And unless they’ve been doing distance learning for a long time, this just becomes a playground for hackers.”

Beyond cybersecurity concerns, Rogers thinks the nation’s digital infrastructure could become overwhelmed as social isolation puts more burden on telecommunications.

”Internet and mobile network operators will find their resources pushed to the maximum, resulting in communication outages, both internet and cell.”

In an interview with Inside INdiana Business, cybersecurity expert Marc Rogers says cyber criminals are taking advantage of the coronavirus.