Turns out that many organizations worldwide have unknowingly sent employees to work from home with already-infected endpoint devices during the COVID-19 crisis.
New findings from security firms Arctic Security and Team Cymru show that some 50,000 US organizations had infected devices that have been moved from the relative safety of the corporate network to home networks in the rush to empty offices amid the pandemic.
"Our analysis indicates that the employees' computers were already hacked before COVID-19 made the news, but were lying dormant behind firewalls, blocking their ability to go to work on behalf of the threat actors," Lari Huttunen, senior analyst at Finland-based Arctic Security, said in a statement. "Now those zombies are outside firewalls, connected to their corporate networks via VPNs, which were not designed to prevent malicious communications."
Overall, the number of compromised organizations in Europe and US has more than doubled between January and March, the researchers said.
A listing of free products and services compiled for Dark Reading by Omdia analysts to help meet the challenges of COVID-19.