Difference between revisions of "Remote Access"

From SI410
Jump to: navigation, search
(added section "safeguards to remote access" + relevant sources)
(added illustration: components of RAT)
Line 63: Line 63:
  
 
=== Malicious variants ===
 
=== Malicious variants ===
 +
[[File:RAT.png|thumbnail|A RAT is a swiss army knife of sorts, it consolidates a number of tools into one package. image via Cisco Blogs]]
 +
 
Remote Access Trojans (RATs) are a form of malicious software that allows an outside source to gain unauthorized access to a user’s device in a similar manner to remote access software. Known for their longevity and ability to reemerge after time spent dormant, RATs are one of the most dangerous forms of cybercriminal activity. <ref>“Remote Access Trojan Detection: Software &amp; RAT Protection Guide.” DNSstuff, 2 Feb. 2021, www.dnsstuff.com/remote-access-trojan-rat. </ref>
 
Remote Access Trojans (RATs) are a form of malicious software that allows an outside source to gain unauthorized access to a user’s device in a similar manner to remote access software. Known for their longevity and ability to reemerge after time spent dormant, RATs are one of the most dangerous forms of cybercriminal activity. <ref>“Remote Access Trojan Detection: Software &amp; RAT Protection Guide.” DNSstuff, 2 Feb. 2021, www.dnsstuff.com/remote-access-trojan-rat. </ref>
  

Revision as of 12:10, 10 April 2021

Remote access, also known as remote desktop, is the ability to access a computer or device from any remote location.[1] By installing remote access software, it is possible to gain full control of a secondary device, including running applications and accessing files.

Remote access is typically used to allow employees to access company data or servers from different locations, but may also be used as a form of remote administration.[2] Remote desktop programs have also been increasingly implemented for educational purposes following the COVID-19 pandemic, but the expanded use of these softwares has led to increased security and ethical concerns.

Remote access allows for wireless connection to servers from any location. [3]

Requirements

Remote access software has been implemented at an exponentially faster rate since the start of the COVID-19 pandemic as a means of maintaining Center for Disease Control (CDC) social distancing guidelines while still allowing employees access to company resources. [4] This has resulted in a wide variety of remote access softwares being created for targeted use, marking a 281% increase in traffic in remote desktop products.[5] However, while individual applications function differently across devices, certain procedures must be followed that are uniform among all remote access platforms. [6]

Basic outline for remote access system. [7]

Remote Access Application

To access any device remotely, the correct software must first be downloaded and installed on all of the devices involved in the remote access setup. Remote desktop products are typically available in three models: hosted service, software, and appliance.[8]

Hosted services are rented access to applications/infrastructure components on external service providers. [9] In order to utilize hosted services and access software/data, one must log into remote servers via the Cloud. Hosted services include infrastructure as a service (IaaS), platform as a service (PaaS), software as a service (SaaS), and many more. Examples of hosted service providers are Amazon.com Web Services and Google Cloud Platform. [10] [11]

Hosted software and applications are owned and licensed software/applications that are installed and run on an external datacenter, differing from the rented access of software as a service. Unlike the pay-as-you-go model of hosted services, a user purchases hosted applications and software outright and has full ownership and maintenance of the software/application they choose to install and host on external service providers. [12] An example of a hosted application is Wordpress. [13]

Hosted appliances are preconfigured in-house solutions deployed with a user's own virtual cloud solution, in which an office is one's own cloud. Opting for hosted appliances ensures better security within the office while losing scalability and peak management of hosted services. Examples of hosted appliances are Dropbox , IBM Cloud and Oracle Cloud.[14]

Internet connection

A stable internet connection is needed in order to effectively use remote access features. Once the proper applications are installed, the software on the device can be opened and used to remote into the device of a user’s choice. The remote connection should be instant and continuous as long as neither computer is turned off or disconnected from the internet.

Implementation

Business

Remote Workers

Many businesses have taken advantage of the accessibility of remote access software to hire employees that do not live near their office of employment.[15] This has resulted in workers accessing company servers and data across distances and time zones, allowing for a much broader and diverse workforce. Similarly, remote administration has also been implemented by many businesses as a means of solving IT issues that arise. While previous models required on-site technical support, remote access applications have allowed support staff to access user devices from an external site. This, in turn, has streamlined the troubleshooting process as it allows for technical support workers to implement shutdown functions, access peripheral networks, and view and modify files and data stored on the user computer. [16]

Accessibility

One notable development in the accessibility of remote working is the potential for physically handicapped employees to work from home. It is estimated that only 40% of adults aged 25 to 54 in the United States with disabilities have a job. [17] This is mainly due to the barriers posed to people with disabilities in the conventional working environment. The use of remote access software has allowed for handicapped workers that are unable to physically enter a workplace environment to work from the comfort of their home instead. This has led many organizations to espouse optimism on the increased accessibility of working environments for handicapped employees as the conventional workplace moves increasingly online. [18]

Education

Remote access schooling has become commonplace since the start of the COVID-19 pandemic. As of September 2020, students have used remote access software as a means of accessing school computers in order to access homework and educational material provided by the school district. Through remote access, programs that would otherwise require the purchasing of licenses, such as video editing, animation, 3D designing, and other educational software, have become available to educators and students at any time. [19] [20]

Education has also been facilitated through remote access learning by introducing one on one communication between students and teachers. Remote access software has been used by educators to remote into student devices in order to perform demonstrations for concepts directly onto a student's screen.

Associated Risks

Cyber Security

Remote access client devices generally have weaker protection than standard client devices. Many devices used with remote access software are not managed by the enterprise, resulting in no protection from existing firewalls and antivirus present on corporate-owned devices.[21] Additionally, client remote access devices often lack physical security controls. These devices are more commonly stored in bags or in homes that are not afforded the same physical protection provided to devices stored in an enterprise building. Finally, remote access communications can be carried out over untrusted networks, increasing the risk of losing private or personal data while communicating with a remote device.[22]

Example security network designed to protect remote access systems. [23]


A brief overview of the risks associated with remote access software include:

  • Monitoring of communications over a network
  • Deployment of rogue wireless access points
  • The exploitation of client devices through other practices designed to collect sensitive data (phishing, keylogging, etc.)
  • Unauthorized access to resources by a third-party
  • Loss of remote access devices to untrusted parties
DDOS Attacks

Distributed Denial of Service (DDoS) attacks pose an increasing privacy concern for those utilizing remote access services. DDoS attacks take the form of flooding (more specifically ICMP or SYN floods) or crashing of web services that prevent legitimate users from accessing remote access services. The largest DDoS attack recorded occurred in 2018, where the large-scale code-hosting service Github was targeted. [24]

As of January 2021, over 33,000 Windows remote desktop products have been identified as vulnerable to large-scale DDoS attacks across a variety of international borders. The effects of attacks on services like these include loss of company or private data as well as breaches in contracts between users[25]. In order to avoid these attacks experts recommend tactics such as using a Virtual Private Network (VPN) in order to avoid direct access to the system servers. Other forms of basic protection include implementing complex passwords, anti-phishing measures, and secure firewalls on sensitive devices. [26]

Privacy

With the implementation of remote access software allowing employees to work from anywhere, employees are able to access intellectual property information from unsecured remote locations, outside perimeter-based security measures that have been implemented within office environments. As a result, these unsecured work environments can lead to inadvertent and nefarious unauthorized data leaks. As noted by data ethics experts, employees can use their remote access positions to leak or sell sensitive information to consumers. [27]

Steps taken to mitigate the unethical use of sensitive data by employees include using the REVISE framework in order to guide intervention policies. [28] The REVISE framework is composed of a 3-principle framework:

  • Reminding emphasizes the effectiveness of subtle cues that increase the salience of morality and decrease the ability to justify dishonesty
  • Visibility refers to social monitoring cues and aims to restrict anonymity, prompt peer monitoring, and elicit responsible norms.
  • Self-engagement increases the motivation to maintain a positive self-image and generates personal commitment to act morally.

Malicious variants

A RAT is a swiss army knife of sorts, it consolidates a number of tools into one package. image via Cisco Blogs

Remote Access Trojans (RATs) are a form of malicious software that allows an outside source to gain unauthorized access to a user’s device in a similar manner to remote access software. Known for their longevity and ability to reemerge after time spent dormant, RATs are one of the most dangerous forms of cybercriminal activity. [29]

This malicious software type is bound by the same requirements as typical, legal remote software programs. However, RATs tend to be installed without user knowledge, avoiding firewalls and anti-virus scans in order to collect sensitive user data and control outside devices.

Notable examples of RATs include:

  • Snort
  • OSSEC
  • Zeek
  • Suricata
  • Sagan

Safeguards to Remote Access

Portable devices and Web-based technology enable remote access by providing off-site access to work-based applications and facilitating the transport of large amounts of data with a minimum of resources. Privacy and security rules do not prohibit remote access, but they do require that organizations implement appropriate safeguards to ensure the privacy and security of protected information.[30] Technological safeguards that are independent of policies and procedures are preferable. To be most effective, they should either be supported by the organization from the moment of installation or be a prerequisite to granting permission for remote access. They may include:

  • Establishing a virtual network with controlled access developed to the organization’s specifications. This approach is best because the work product never leaves the site. A small risk exists for unauthorized screen scraping (when a computer program extracts data from the display output of another program) and creative data downloads. There are added set-up and maintenance costs with this option.[31]
  • Maintenance of encryption, password management, virus protection, and patch updates on portable and home devices. These activities protect the application, the device, the network, and the data. However, such safeguards are cumbersome to operate and interfere with the user’s work, thus encouraging work-arounds. Cutting-edge technology with safeguards invisible to the user may reduce work-arounds but increase cost.

In the absence of technological safeguards, compliance may be achieved through administrative safeguards. They include policies, procedures, and workforce education, training, and awareness. Examples include:

  • Requiring specialized remote access user agreements delineating obligation to adhere to administrative, technical, and physical safeguards designed to protect the privacy and security of electronic information. [32]
  • Prohibiting taking work off-site. Work product that does not leave the premises is protected by whatever security features are installed on-site and in a well-functioning, controllable environment. However, emergencies must be handled by on-site staff or await reinforcements. [33]
  • Requiring anyone who takes work off-site on his or her own initiative to assume responsibility for its security and maintain virus protection, patch updates, dispose of confidential waste, and log out. If remote access is for user convenience, strict policies must be developed and enforced including requiring adequate security in the off-site environment.

References

  1. Jackins, T. (2021, March 09). What is remote access? Connect to your computer from anywhere. Retrieved March 12, 2021, from https://www.splashtop.com/what-is-remote-access
  2. Rosencrance, L. (2020, April 14). What is remote access? - definition from whatis.com. Retrieved March 12, 2021, from https://searchsecurity.techtarget.com/definition/remote-access#:~:text=Remote%20access%20is%20the%20ability,they%20are%20physically%20far%20away
  3. Editor. (2019, August 24). Remote access Service (RAS). Retrieved March 12, 2021, from https://networkencyclopedia.com/remote-access-service-ras/
  4. Covid-19 guidance: Businesses and employers. (n.d.). Retrieved March 12, 2021, from https://www.cdc.gov/coronavirus/2019-ncov/community/guidance-business-response.html
  5. Remote desktop software statistics and trends. (2020, July 1). https://www.trustradius.com/vendor-blog/remote-desktop-buyer-statistics-and-trends.
  6. Written by Jennifer van der Kleut for NortonLifeLock. (n.d.). Remote computer access: What is it and what are the risks? Retrieved March 12, 2021, from https://us.norton.com/internetsecurity-how-to-remote-computer-access.html
  7. How it works. (n.d.). Retrieved March 12, 2021, from http://plcremote.net/how-it-works/
  8. Ken. (2019, April 23). How to ensure better productivity? Vpn access vs. remote access. Retrieved March 12, 2021, from https://remoteaccess.itarian.com/blog/how-to-ensure-better-productivity-vpn-access-vs-remote
  9. Moore, J., & Wigmore, I. (2018, October 30). hosted services. SearchITChannel. https://searchitchannel.techtarget.com/definition/hosted-services
  10. Amazon Web Services (AWS) - Cloud Computing Services. (n.d.). Amazon Web Services, Inc. https://aws.amazon.com/
  11. Google Cloud. (n.d.). Cloud Computing Services |. https://cloud.google.com/
  12. Kienitz, P. (2020, May 19). Technology 101: What is Hosted Software? DCSL Software Ltd. https://www.dcslsoftware.com/technology-101-what-is-hosted-software/#:%7E:text=Hosted%20software%20means%20having%20your,As%2DYou%2DGo%20model
  13. WordPress.com. (n.d.). WordPress.com: Create a Free Website or Blog. https://wordpress.com/
  14. Salinger, Y. (2019, September 16). IaaS, PaaS, SaaS and hosted appliances: Making sense of the cloud and what it offers. ITProPortal. https://www.itproportal.com/features/iaas-paas-saas-and-hosted-appliances-making-sense-of-the-cloud-and-what-it-offers/
  15. Is it time to let employees work from anywhere? (2020, March 04). Retrieved March 12, 2021, from https://hbr.org/2019/08/is-it-time-to-let-employees-work-from-anywhere
  16. FinSMEs. (2020, April 21). The benefits of IT support in a remote environment. Retrieved March 12, 2021, from https://www.finsmes.com/2020/04/the-benefits-of-it-support-in-a-remote-environment.html
  17. Stengel, G. (2020, April 20). Working from home opens the door to employing people with disabilities. Retrieved March 12, 2021, from https://www.forbes.com/sites/geristengel/2020/04/20/working-from-home-opens-the-door-to-employing-people-with-disabilities/?sh=6502eb5414bf
  18. For those with disabilities, shift to remote work has opened doors (video). (2020, October 27). Retrieved March 12, 2021, from https://www.csmonitor.com/Business/2020/1027/For-those-with-disabilities-shift-to-remote-work-has-opened-doors-video
  19. Jackins, T. (2021, February 24). Remote access in education - CLASSROOM, EdTech, and support. Retrieved March 12, 2021, from https://www.splashtop.com/remote-access-education-uses
  20. School Computer Labs Made Inaccessible by COVID-19 Generate Increased Demand for Splashtop Remote-Access Software, uk.advfn.com/stock-market/stock-news/83272466/school-computer-labs-made-inaccessible-by-covid-19.
  21. Lisa Ashjian Mar 11. “Secure Remote Access Explained.” AT&T Cybersecurity, cybersecurity.att.com/blogs/security-essentials/secure-remote-access-explained.
  22. “Security Concerns with Remote Access.” Https://Csrc.nist.gov/CSRC/Media/Events/HIPAA-Security-Rule-Implementation-and-Assurance/Documents/NIST_Remote_Access.Pdf, NIST, csrc.nist.gov/CSRC/media/Events/HIPAA-Security-Rule-Implementation-and-Assurance/documents/NIST_Remote_Access.pdf.
  23. “Corporate Firewall.” Corporate Firewall - an Overview | ScienceDirect Topics, www.sciencedirect.com/topics/computer-science/corporate-firewall
  24. What are Denial of Service (DoS) attacks? DoS attacks explained. (n.d.). Norton. https://us.norton.com/internetsecurity-emerging-threats-dos-attacks-explained.html
  25. Arntz, P., & ABOUT THE AUTHOR Pieter Arntz Malware Intelligence Researcher . (2021, January 29). RDP abused for DDoS attacks. Malwarebytes Labs. https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/01/rdp-abused-for-ddos-attacks/.
  26. Bojana DobranProduct Marketing Manager at phoenixNAP. Researcher and writer in the fields of cloud computing, & Product Marketing Manager at phoenixNAP. Researcher and writer in the fields of cloud computing. (2021, February 10). 7 Proven Tactics To Prevent DDoS Attacks: Make a Security Plan Today! phoenixNAP Blog. https://phoenixnap.com/blog/prevent-ddos-attacks.
  27. Khan, Roomy. “Work From Anywhere Trend Intensifying Ethics, And Compliance Issues.” Forbes, Forbes Magazine, 10 Nov. 2020, www.forbes.com/sites/roomykhan/2020/11/06/work-from-anywhere-trend-intensifying-ethics-and-compliance-issues/?sh=4d734e412f38.
  28. Ayal, Shahar, et al. “Three Principles to REVISE People’s Unethical Behavior.” SAGE Journals, journals.sagepub.com/doi/full/10.1177/1745691615598512.
  29. “Remote Access Trojan Detection: Software & RAT Protection Guide.” DNSstuff, 2 Feb. 2021, www.dnsstuff.com/remote-access-trojan-rat.
  30. Cross, MargartAnn. “PDAs Chase Workflow Improvements.” Health Data Management, May 2006: 61–62. Accessed: April 10, 2021.
  31. Health Insurance Portability and Accountability Act of 1996. Public Law 104-191. 164.306(a).Accessed: April 10, 2021.
  32. McDougall, Paul. “Scrambling Data Is Easier than Stopping Its Theft.” Information Week, September 19, 2006: 27.Accessed: April 10, 2021.
  33. Centers for Medicare and Medicaid Services. “HIPAA Security Guidance.” Available online at www.cms.hhs.gov/SecurityStandard. Accessed: April 10, 2021