Dark Reading is part of the Informa Tech Division of Informa PLC


10:00 AM
Shane Buckley

4 Security Tips as the July 15 Tax-Day Extension Draws Near

We're continuing to see cybercriminals take advantage of COVID-19, and the extension of Tax Day will be the next technique used in their sophisticated method of attacks.

For all Americans, April 15 is a critical date on our calendars — the dreaded Tax Day! Then along came the pandemic — expanding the potential attack surface exponentially as the workforce transitioned out of the office — and the deadline to file taxes was bumped three months to July 15.

Well, news flash: That date is nearly here. Keeping in mind that people are often the biggest security risk to an organization, it's up to security leaders to ensure employees do not fall for a last-minute tax-related scam that puts them or their organizations' network in jeopardy. We're continuing to see cybercriminals take advantage of COVID-19, and the extension of Tax Day will be the next technique used in their sophisticated method of attacks.

The Potential for Expanded Phishing Attacks Is Massive
Employees could be easily tempted to click on links that offer opportunities to lower their taxes due to the pandemic or ways to receive quicker refunds. At the same time, the deadline extension widens the window of time cybercriminals have had to access sensitive information and conduct targeted attacks. More people at home means they are also spending more time in front of their screens, which could lead to an uptick in successful attacks. Not only is the action of filing taxes likely digital this year due to the pandemic, but communication with accountants likely is as well. For its part, the US government advises against falling for additional scams, including unknown text messages and robocalls.

Pro tip: Educate your employees about safe computing, with tips for avoiding phishing-style emails specifically related to filing taxes or obtaining refunds. Encourage them to file their taxes outside of working hours or outside of the office (if some are heading back) to avoid extra network risks.

Home Wi-Fi Often Lacks Adequate Security Measures
Employees need to remember that they do not enjoy the same level of security they're used to in the office while they're working from home. Their Wi-Fi networks and infrastructure are not as secure outside of the physical office. Those who file their tax returns on company-issued laptops need to be diligent when choosing the browsers and Wi-Fi networks they're using in order to avoid damage to their organization's sensitive data. Remember to never use public Wi-Fi networks when sharing sensitive personal or business information.

Pro tip: Encourage employees to use secure web browsers and ask their accountants what security precautions they're taking. Also encourage employees to do tax-consultant meetings over video or the phone instead of written communication. That way, less sensitive information is captured in writing and transferred. These precautions will keep the organization's confidential information and data safer.

Pay Attention to Your Corporate Network
Many organizations still rely on users VPN'ing in to access legacy corporate applications, particularly in healthcare and finance. As mentioned, the potential for host (endpoint) infection is higher with a more remote workforce, which also means greater potential for pwnd (compromised) devices accessing sensitive corporate systems. What about users accessing corporate applications via the Transport Layer Security (TLS) protocol? The same risk applies there, too. If that device has been taken over, the access mechanism doesn't really matter.

What does matter is complete visibility into traffic coming in and out of applications. That means being able to inspect not just VPNs but also encrypted traffic including TLS 1.3. Eliminating blind spots is even more important with a remote workforce, especially when dealing with sensitive personal and financial information when filing taxes.

Pro tip: Inspecting all application traffic can be overwhelming. Instead, look into technologies that allow you to identify, isolate, and extract traffic by applications. [Editor's note: The author's company is one of several providers that offer such technology.] This will allow you to pay closer attention to sensitive applications while easing security tools from the burden of inspecting lower-priority traffic.

Nothing beats being prepared for a crisis. To avoid the major stresses and potential headlines that come with a massive breach — from an insider threat, no less — now is the time to review (and update) your security strategy and crisis plans, and educate your employees about safe digital practices. However, if your organization does fall victim to an attack between now and the Tax Day deadline of July 15, it's critical to be able to stop it before it infiltrates the entire system. Having visibility into east-west traffic is also critical to the containment. The pandemic has caused an increase in security threats, and therefore demand on security teams, and we can all learn and grow from this new threat landscape together to ensure we're better suited for future attacks.

Shane Buckley is President and Chief Operating Officer of Gigamon with responsibility for expanding the company's business and markets worldwide. He brings more than 20 years of executive management experience to the team and joins Gigamon from Xirrus where he was CEO prior ...
