Office Hours: Webroot and COVID-19 June 23, 2020


Userlevel 7
Badge +48

Hello Webroot Community, 

I wanted to create a space for us to come together and discuss Webroot and COVID-19.

Consider this our office hours. 

In case you might have missed it, we created a page here where we’ll keep a running list of articles, blog posts, and other pieces of content about our COVID-19 response.

If you have specific questions on what we’re doing as a company during the pandemic and our tips for how you can stay cyber resilient in these uncertain times. 

Please add your questions below or join us Tuesday, June 23, 2020, at 1:00 PM - 1:30 PM MT.


This topic has been closed for comments

10 replies

Userlevel 7
Badge +48

Hello Webroot Community! I hope everyone is having a great week! 

We’ll get started in a second with your questions. 

As always, thanks so much for sending us so many questions this week and for participating. 

 

Userlevel 7
Badge +48

 Ok, here we go! 

Do you think working practices will be changed forever after this pandemic? - Joe R.

With the increased use of VPN has anyone had issues with DNS-P working over VPN connections? - James R. 

Have you noticed an increase in viruses and hacking attempts over the Covid lockdown? - Nicola P. 

We have recently seen a surge in companies going back to work as normal. What is webroot's stance on returning to offices and what measures are in place if you do? - Warren T. 

What impact has remote working had on cyber security, with more people working from home has there been an increase in threats. - David J. 

How do we address hardware issues safely at client sites during this time? - David H. 

Are there any major new features that are in the pipeline, or has R&D been impacted by the pandemic-slowdown? - Koby D. 

Userlevel 4
Badge +3

 

Do you think working practices will be changed forever after this pandemic? - Joe R.

 

On the question of working practices, will they change forever after this pandemic. The answer is YES, but not necessarily for everyone.

There will obviously be a realization that productivity does not suffer as much as people expected from allowing  staff to work from home.

Yet, the fact remains that many things are done better with personal interaction.

Large companies like OpenText (15,000 employees), that Webroot are now a part of are looking at all the ramifications working from home has brought.

For instance most of our staff in India have long commute times to work up to three hours a day. Now they are working at home and the commute time is saved, so personal productivity has risen considerably.

So in future the nature of work is going to change. We are seeing an acceleration in organizations’ looking at automation to replace staff, a trend that was already underway. We are also seeing  moves to make work far more flexible and geographically dispersed.

Companies obviously see a benefit in being able to recruit talent globally without the need for visas or work permits. While the world has gone global it's still the case that our governments are very much focused at a country level when it comes to employment, and that is obviously going to change significantly after this pandemic.

Userlevel 4
Badge +3

With the increased use of VPN has anyone had issues with DNS-P working over VPN connections?James R. 

 

VPN compatibility with DNS  is not seeing an increase in issues in any significant way.

We did do a lot of work at the Q&A level to ensure we had great compatibility with a wide range of VPN providers.

If you are having any issues then please call o raise a ticket immediately with support who are there to help you resolve any VPN issues as quickly as possible.

Userlevel 4
Badge +3

 

Have you noticed an increase in viruses and hacking attempts over the Covid lockdown? - Nicola P. 

 

Hacking and Viruses I'm sure my colleague Tyler will respond to this question, he is the threat expert here.  (And he’ll have better stories!)

But, I’m sure he will confirm we have seen a huge increase in attacks aimed at those working from home.

Phishing in particular has seen an X potential growth as it is extensively used to compromise those working at home and gain access to their devices and their host network.

There is a belief rightly or wrongly that home security is even worse than the protection offered in the office. But that is not necessarily true, as we've seen many small and medium sized businesses address the security issues of working from home and try to make the security as effective as working from the office.

Userlevel 4
Badge +3

We have recently seen a surge in companies going back to work as normal. What is webroot's stance on returning to offices and what measures are in place if you do? - Warren T. 

 

Yeah, going back to the Office. I’ve been back twice since March 10th. Webroot’s stance in regard to going back to work as normal is really been determined by OpenText our parent company. They have been running a project call Project Shield , since before the epidemic took hold.

Right now in Colorado (and it does vary by location) only those staff with offices may return and there has been a lot of changes made to the meeting areas and enclosed huddle rooms being closed.

There are mask and hygiene policies in place. But, right now nearly all Webroot CO staff are still WFH and as the restrictions ease we will return in stages.

Right now September 8th is a date we are looking at for further decision to be made and implementing our four stage return to work based upon the Covid situation and medical advice.

Userlevel 7
Badge +24

 Ok, here we go! 

What impact has remote working had on cyber security, with more people working from home has there been an increase in threats. - David J. 

 

Phishing malspam into ransomware is probably the most popular right now. They have adaptive to the COVID19 landscape and basically all of the emails now are around COVID, usually themed with CDC guidelines, COVID testing for free and anything related. The email contains a word doc that wants you to run a macro. Once clicks that enable content button, it will download trickbot or dridex which will analyze the network so criminals can decide what kind of environment they are in and ballpark figure of what they want to charge for ransom. One change that we’ve seen recently is that criminals will now steal the data before they ransom, so in the case that you decide not to pay the ransom because you are able to bounce back without the files they encrypted, they will just auction or release the data so your company faces ramifications of things like GDPR and CCPA. They are trying to create a scenario where paying the ransom is the most attractive option

 

We've seen 2% of all COVID websites created in past few months were malicious. 2000% increase in malicious files with ZOOM in their name. We’ve also seen over  a 40% increase in unsecured RDP machines for remote working. Unsecured RDP is a huge problem because Microsoft allows unlimited login attempts and by anyone from any location - by default when you set it up. So criminals will just brute force their way into environments and have complete control of the machine. 

Userlevel 4
Badge +3

How do we address hardware issues safely at client sites during this time? - David H. 

 

I saw that Server maintenance question and not being a techie in that sense I’m not sure I’m  really qualified to comment upon that, but from a personal recommendation perspective you first need to protect your staff and those of your Client’s.

To do that I’d look at equipping your staff for any essential work in Clients’ premises - masks, rubber gloves, sanitizer, keeping social distancing and probably not allowing more than one individual to be working in a restricted space at a time.

Look at having some redundancy on the server side with virtual standby servers, or staging spare hardware servers for failover, if the server is business critical. So in the event of failure you can rapidly activate and maintain reliability, but avoid emergency callouts.

Being more preventative in monitoring and maintaining servers. 

There are numerous options but in the end it looks like Covid is primarily spread through human to human contact and breathing in the infected aerosol being breathed out by the host.  So minimizing contact by allowing no contact at the Client site, if you have to visit it, and still ensuring you wear good quality N92 masks, washing hand regularly and/or using rubber gloves to stop any surface spread is how I personally would recommend looking at server and in fact any IT Support requiring a physical interaction.   

Userlevel 4
Badge +3

Are there any major new features that are in the pipeline, or has R&D been impacted by the pandemic-slowdown? - Koby D. 

 

You know this R&D question this week is my favorite, as its looking forward. 

Being frank, I think being acquired twice in the past 15 months has had much more impact than Covid, so I’m glad to say that R&D is at normal right now, and maybe even working more productively.

As for new features coming in the next 3-4 months we have lots to be released.

Our endpoint agent technology is going through a complete update, we have brand new patented and updated anti-malware defenses being launched to add to the Script protection and fileless malware we introduced about 5 weeks ago.

There is a brand new console with a new UI and UX experience honed by discovery research we’ve conducted with MSPs over the past 2.5 years.

From early July DNS will natively support DoH (DNS over HTTPS encrypted requests). From my research we are the only commercial and private DNS provider doing this. We are truly trying to support this privacy initiative in handling internet requests, but doing it along with responsible but private security oversight. We are simply not just blocking DoH requests, but handling them like normal ones even though they’re encrypted.

So there is a lot happening in the very near future, and even more I cannot mention yet.

2020 in many ways is seeing Webroot R&D update and innovate across the board, as we go to our next generation of technology to place us at the head of a very competitive pack of vendors now looking to serve MSPs and SMBs as we have done and are doing.      

 

Userlevel 7
Badge +48

Thanks to everyone for joining us today and to @GeorgeA and @TylerM for helping us answer questions. 

If anyone has any additional questions, be sure to stop by next Tuesday at 1:00 PM MT. or add your questions here and we’ll do our best to answer all of them.

Until next week, stay resilient!