Call Centers Use Case

Call center activity implies processing vast amounts of sensitive user data, such as names, credit card data, and social security numbers, on a daily basis. The trade of such information on the dark web is a highly lucrative activity; needless to say it can also be leveraged to deploy a ransomware attack on the organization whose clients use the services of the call center. But there is another hidden danger behind call centers: they are usually located in offshore locations where security standards are not subject to diligent controls. In other words, by making their way into the network of such call center, hackers can then island-hop their way into the corporate network of the organization using call center’s services.

After all, criminals never miss a chance to leverage an enticing target, especially when it’s pretty much an easy-win for them.

One of the most recent attacks on call centers happened in January of 2022. It was the Sykes breach that was carried-out through a compromised account and leaked the access credentials and personal information of about 366 corporate customers of Okta. The tech giant claimed that the threat actor only had control of the compromised workstation for 25 consecutive minutes, but regardless of the duration of the impact, customer trust may be hard to recover.

As companies continuously enhance their security architecture to prevent cyber incidents and protect their “crown jewels”, hackers are looking for new ways to access data and infiltrate systems. Breaching a third-party contractor of a company, such as their call center, is clearly one way of doing so. The DuskRise solution enables enterprises worldwide to secure their remote workers and offsite contractors by allowing them to use a protected connection to access their workstations, no matter where they are located.

In the aftermath of Covid19, airlines and airports all over the world found themselves in an increasingly vulnerable position with respect to new cybersecurity threats. Accounting for all associated risks, corporate IT departments are focusing on prevention and mitigation mechanisms for the common DDOS, ransomware, and other types of attacks. Yet there is one spot in the new attack perimeter that security teams lack visibility into: the networks of all employees working remotely.

With the emergence of Covid-19, the air transportation industry had to employ critical measures to protect the health of employees and keep operations running smoothly. One of these measures was the transition to remote work, which led to increased cybersecurity risks for corporate networks, as remote workers entered into constant interaction with the enterprise's IT infrastructure.

“It was only recently I was going through an airport and I realised how much is now automated, unmanned systems.
The more unmanned devices or systems there are, for example ticketing and baggage operations, the more threats are attracted.”
- Jake Moore, Global Cybersecurity Advisor at ESET.

Indeed, the increased level of automation in the air transportation industry can lead to hugely disruptive consequences in case of a major breach. But yet another attack vector is all the sensitive information stored on companies’ servers.

In 2018, a data breach impacted 380,000-500,000 customers of British Airways, compromising login details, payment card details, and travel booking details. This data breach went undetected for over two months.

Now, with the adoption of remote work policies, hackers will attempt to leverage the unsupervised remote networks to access company assets through

Prioritize security when outsourcing operations.

Call centers are a hot target on cyber attackers’ radar

Remote network is now the office network

Device

App

Dashboard

Cloud

Manage new vulnerabilities with a single platform