We're continuing to see cybercriminals take advantage of COVID-19, and the extension of Tax Day will be the next technique used in their sophisticated method of attacks.

Shane Buckley, President & Chief Operating Officer, Gigamon

July 10, 2020

4 Min Read

For all Americans, April 15 is a critical date on our calendars — the dreaded Tax Day! Then along came the pandemic — expanding the potential attack surface exponentially as the workforce transitioned out of the office — and the deadline to file taxes was bumped three months to July 15.

Well, news flash: That date is nearly here. Keeping in mind that people are often the biggest security risk to an organization, it's up to security leaders to ensure employees do not fall for a last-minute tax-related scam that puts them or their organizations' network in jeopardy. We're continuing to see cybercriminals take advantage of COVID-19, and the extension of Tax Day will be the next technique used in their sophisticated method of attacks.

The Potential for Expanded Phishing Attacks Is Massive
Employees could be easily tempted to click on links that offer opportunities to lower their taxes due to the pandemic or ways to receive quicker refunds. At the same time, the deadline extension widens the window of time cybercriminals have had to access sensitive information and conduct targeted attacks. More people at home means they are also spending more time in front of their screens, which could lead to an uptick in successful attacks. Not only is the action of filing taxes likely digital this year due to the pandemic, but communication with accountants likely is as well. For its part, the US government advises against falling for additional scams, including unknown text messages and robocalls.

Pro tip: Educate your employees about safe computing, with tips for avoiding phishing-style emails specifically related to filing taxes or obtaining refunds. Encourage them to file their taxes outside of working hours or outside of the office (if some are heading back) to avoid extra network risks.

Home Wi-Fi Often Lacks Adequate Security Measures
Employees need to remember that they do not enjoy the same level of security they're used to in the office while they're working from home. Their Wi-Fi networks and infrastructure are not as secure outside of the physical office. Those who file their tax returns on company-issued laptops need to be diligent when choosing the browsers and Wi-Fi networks they're using in order to avoid damage to their organization's sensitive data. Remember to never use public Wi-Fi networks when sharing sensitive personal or business information.

Pro tip: Encourage employees to use secure web browsers and ask their accountants what security precautions they're taking. Also encourage employees to do tax-consultant meetings over video or the phone instead of written communication. That way, less sensitive information is captured in writing and transferred. These precautions will keep the organization's confidential information and data safer.

Pay Attention to Your Corporate Network
Many organizations still rely on users VPN'ing in to access legacy corporate applications, particularly in healthcare and finance. As mentioned, the potential for host (endpoint) infection is higher with a more remote workforce, which also means greater potential for pwnd (compromised) devices accessing sensitive corporate systems. What about users accessing corporate applications via the Transport Layer Security (TLS) protocol? The same risk applies there, too. If that device has been taken over, the access mechanism doesn't really matter.

What does matter is complete visibility into traffic coming in and out of applications. That means being able to inspect not just VPNs but also encrypted traffic including TLS 1.3. Eliminating blind spots is even more important with a remote workforce, especially when dealing with sensitive personal and financial information when filing taxes.

Pro tip: Inspecting all application traffic can be overwhelming. Instead, look into technologies that allow you to identify, isolate, and extract traffic by applications. [Editor's note: The author's company is one of several providers that offer such technology.] This will allow you to pay closer attention to sensitive applications while easing security tools from the burden of inspecting lower-priority traffic.

Nothing beats being prepared for a crisis. To avoid the major stresses and potential headlines that come with a massive breach — from an insider threat, nonetheless — now is the time to review (and update) your security strategy and crisis plans, and educate your employees about safe digital practices. However, if your organization does fall victim to an attack between now and the Tax Day deadline of July 15, it's critical to be able to stop it before it infiltrates the entire system. Having visibility into east-west traffic is also critical to the containment. The pandemic has caused an increase in security threats, and therefore demand on security teams, and we can all learn and grow from this new threat landscape together to ensure we're better-suited for future attacks.

Related Content:

About the Author(s)

Shane Buckley

President & Chief Operating Officer, Gigamon

Shane Buckley is President and Chief Operating Officer of Gigamon with responsibility for expanding the company's business and markets worldwide. He brings more than 20 years of executive management experience to the team and joins Gigamon from Xirrus where he was CEO prior to its 2017 acquisition by Riverbed Technology. Prior to that, Shane served as the General Manager and Senior Vice President at NETGEAR, where he led its commercial business unit to 50% revenue growth over two years. Before NETGEAR, Shane was President and CEO of Rohati Systems, a leader in cloud-based access management solutions, and COO at Nevis Networks, a leader in secure switching and access control. Shane is a graduate of engineering from the Cork Institute of Technology in Ireland.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights