| VECTOR | WHAT | HOW |
| Denial of Service | Denial of Service is an uncommon attack but can be disruptive to corporations. DOS is rarely used on individuals, but any individual’s device may be compromised with malware to perform a DOS against a network or a WFH device to bring down a corporation’s network. | Any common malware infected on a home network through a teen’s device can spread through the router onto a WFH device. If the malicious actor’s goal is to bring down a corporation rather than steal from it, then a DOS attack can be performed. If a VPN guards the connection between the WFH device and the corporate network, the VPN itself can be a victim of DOS. Outgoing VPN connections can be spoofed via session flood, overloading the VPN’s resource allocation. |
| Ransom-Ware | Ransomware is a highly lucrative attack vector involving the capture of information for ransom. | A teen’s embarrassing or illegal messages, photos, or videos may be captured and held for ransom. Victims may be coerced into performing clandestine acts, commonly compromising their employers, such as a teen being coerced into downloading malware on a parent’s WFH device. Lucrative information is often passed through VPN tunnels due to a false sense of security provided by VPNs, allowing for better data capture by black hats. Corporations victim to ransomware often have no choice but to pay the egregious ransom. |
| Watering Hole Attack | A Watering Hole Attack is a website commonly used that suddenly turns malicious or is hijacked, and trusting users are infected. | Teens going to illegal movie streaming sites may trust one as it has never had malware. Once trust has been established, it is exploited to infect a user’s device with malware. WFH devices are sometimes configured to prevent WHA, but many times the attack vector is from a site trusted by the corporation. |
| IoT Attack | Internet of Things Attacks uses home network devices like thermostats or AI assistants to exploit devices connected to the network. | A teen might purchase a used audio speaker or other auxiliary devices on eBay, unaware that it has corrupted firmware. When that device connects to WiFi it could exploit the home network and eventually the WFH devices. VPNs are many times unable to prevent IOT attacks due to IOT devices residing inside of the network with full credentialed access. |