Support the news
The coronavirus isn't a computer virus, but cybersecurity experts warn it could lead to virtual infections.
Many companies that usually handle sensitive information in their offices are now telling employees to work from home. And that can make them more vulnerable to hackers — especially if workers browse certain websites they wouldn't visit when the boss is watching.
In other words, porn.
Porn is one of hackers' favorite tools, and it may be more effective if a company's employees decide that what's typically NSFW — not safe for work — is safe for working from home during the coronavirus outbreak.
"I mean, adult sites have always been in the top three categories of websites hosting malicious content," said Tyler Moffitt, senior threat research analyst at Webroot, which was acquired by Boston-based Carbonite last year and is now part of a bigger company called OpenText. "So, yeah, I would say that is a reasonable assumption — that we're going to see an increase, due to porn at home. You know, these cyber criminals are seizing on this opportunity during a difficult time of pandemic."
The website Pornhub reports traffic is indeed spiking during the outbreak.
Even workers who aren't surfing porn may be susceptible to hacks because they're doing their jobs at home, according to Tom Kellermann, head of cybersecurity strategy at VMware, whose cybersecurity division is based in Waltham.
"There has been a dramatic increase in cyber crime and cyber attacks over the past two weeks, targeting Americans, as the greater hacker community of the world appreciates that Americans are now working outside of their corporate firewalls," he said.
Kellermann and other security experts said they can't quantify the increase, but they offered examples of hack attempts. Many prey on fear and desperation, according to Peter Bauer, chief executive of Mimecast, a British firm whose North American headquarters is in Watertown.
"We're seeing things like scams going out via email that are posing as Costco, luring people in to be able to stock up on emergency things," he said.
Hackers don't really want to sell toilet paper and Purell, obviously. So what do they want?
FBI director Christopher Wray explained some of the motivations when he spoke at Boston College a couple of weeks ago, shortly before such public gatherings were discouraged or banned.
"They're targeting companies producing everything from proprietary rice seeds to software for wind turbines to high-end medical devices," he said. "And they're not just targeting innovation and R&D. They're going after cost and pricing information, internal strategy documents — pretty much anything."
Anything that could be held for ransom or sold to a competitor, perhaps in China, said Wray.
There's no perfect defense against hacks, but workers can lower their risk by practicing something called "digital hygiene," said Andy Ellis, chief security officer of Akamai Technologies in Cambridge.
"At the same time that every time you walk into the bathroom you should wash your hands for 20 seconds and scrub and take that good time, you need to do the same thing when you're working in the electronic world," he said.
Good digital hygiene can include cleaning old documents out of your Dropbox or Google Drive, so they're not just sitting there if your account is compromised, according to Ellis.
It can also include staying off porn sites.
This segment aired on March 20, 2020.
Support the news