Employees in many sectors have had their working lives drastically changed as a result of the COVID-19 pandemic. Millions were forced into remote working in order to contain the spread of the virus, which created new challenges for business leaders, most notably cyber security.
This article looks at how businesses can mitigate cyber security threats in the new working dynamic.
For many years, there was a growing movement towards remote, blended and home working among modern-thinking businesses – but the mass acceleration of its implementation has left many companies wondering what they can do to help their workers and save their firm from any serious threats.
True impact of COVID-19
It is no secret that the pandemic has changed the world beyond recognition, and that every facet of daily business has evolved at breakneck speed. This is especially true for the technical aspects of working life and the increasing likelihood of a cyber attack.
Chris Ross, SVP Sales at Barracuda Networks, comments: “COVID-19 has changed our way of working and intensified cyber threats facing businesses within a very short space of time. What’s more, the disruption to businesses around the world has left many companies struggling to maintain security and business continuity, after a string of budget cuts and lost profits.
“Cybercriminals have unfortunately, but inevitably, taken the opportunity to capitalise on weakened businesses, remote workers, and flooded services. Public sector, healthcare, business and education institutions have been hit with a multitude of cyber attacks, ranging from phishing, malware and ransomware.
“Although ransomware and phishing have been around for more than two decades, the threat has accelerated vastly as a result of the pandemic.”
Barracuda’s own research found that 46% of global businesses have encountered at least one cyber security scare since shifting to a remote working model during the COVID-19 lockdown. What’s more, 49% say they expect to see a data breach or cyber security incident in the near future due to remote working. A further 51% said they have already seen an increase in email phishing attacks since shifting to a remote working model.
But why has there been an increased threat?
Charlie Wedin, Partner and cyber security expert at international law firm Osborne Clarke, said: “As a result of COVID-19 forcing vast numbers of people to work from home, the potential ‘attack surface’ of companies has been increased as remote connection tools and protocols are used more often. We have seen a considerable rise in attacks seeking to exploit vulnerabilities in those remote working tools since the start of the COVID-19 pandemic. There has also been a shift in the targeting of phishing attacks. Attackers are taking advantage of COVID-19 interest and playing on fears, using themed phishing and malware campaigns, as well as impersonation of COVID-19 authorities to engage targets.”
This increase in the threat can be put down to a number of reasons, but one of the primary ones has been the increased number of devices that are using company data.
Colin Blumenthal, Managing Director at Complete I.T., part of Sharp UK, explains: “With more people working from home during lockdown, there has been an increase in the number and type of devices used by employees for work. These devices, or endpoints, are unlikely to be covered by a business’ existing security plan. Ensuring that you have full control and visibility over all devices that have access to or store company data is imperative when it comes to securing business systems and following regulations.”
Due to the sudden nature of the pandemic and its impact on the working environments many have found themselves in over the last few months, remote working has created many threats that were previously less of an issue.
Catherine Aleppo, Head of Cyber at Aston Lark, comments: “Most organisations are not prepared for mass migration to remote working. Quite understandably, the main priority has been to continue trading, even if it has meant risking the use of unencrypted laptops with poor security.
“When employees access a company network remotely using just a username and password, it’s much easier for a hacker to gain access. Remote desktop protocol compromise often stems from a phishing attack, tricking victims into sharing their credentials. This enables the attacker to log in to the network posing as a legitimate user. If user permissions are unrestricted, the hacker can roam undetected, creating chaos. Typically this is done by stealing data, installing ransomware or simply sending out emails purporting to be from an employee instructing funds to be transferred.”
‘Never trust, always verify’
The statistics and the experts in the cyber security space paint a bleak picture of the situation, and given the state of business and the economy during these last few months, it is hardly surprising. However, there are some plans that could save many businesses from falling to a cyber threat.
The latest trend in cyber attack prevention during the pandemic has been the adoption of ‘Zero Trust’ policies. Although the approach has been in place in businesses across the world over the last few years, its popularity has reached an all-time high due to the severity of the threat during lockdown.
Instead of assuming everything behind a company’s firewall is safe, the ‘Zero Trust’ model assumes every access point is a potential breach and therefore verifies every access request as though it originates from an open network. Every access request is fully authenticated, authorised, and encrypted before a user is granted access. According to a recent poll by Deloitte, 37.4% of security professionals say the pandemic has sped up their organisations’ Zero Trust adoption efforts.
Jesper Frederiksen, Vice President and General Manager EMEA, Okta, said: “While we’ve seen success with organisations quickly scaling remote working security tools, for many this short-term firefighting approach isn’t sustainable. Now more than ever, with this new dynamic way of working, businesses need to make security a top priority. Companies should be investing in security skills and cultivating IT teams that can sustain and keep a remote workforce secure.
“Zero Trust throws away the idea of a trusted internal network versus an untrusted external network; instead, we should consider all network traffic untrusted. The core principle of Zero Trust is to ‘never trust, always verify’.”
Two other plans to ensure a company has a first line of defence against any threat are employee engagement and making sure supply chains and sister companies are all on the same page.
Chris Connell, Deputy VP Global Sales and Director of European Operations at Kaspersky, said: “The most important policy that businesses should be focusing on at this point in time is awareness. Now that employees have become more responsible for ensuring the security of their company, it is up to the employer to arm them with the necessary tools and knowledge to do so. Given that 73% of workers say they have not had any additional IT security awareness training after they switched to working from home full-time, it is not surprising that businesses may have experienced more cyber threats. Leaders should also be thinking about how to deliver cybersecurity training in effective ways for homeworkers.”
Wedin continues: “Human error remains a key contributor to cyber incidents and that risk can be exacerbated by remote and blended working. Clear and concise engagement with staff on the risks they face, including in relation to phishing awareness and device security, needs to be delivered in an engaging way to seek to mitigate that risk. It is worth considering carrying out some targeted phishing testing to raise awareness. Businesses should also be proactive in asking their suppliers and contractors what they are doing to bolster their own cyber defences and to be able to respond remotely to any incidents. Supply chains introduce further cyber vulnerabilities to one’s own organisation.”
Importance of correct technology
If a business seeks out professional advice on dealing with the impact of COVID-19 on remote, home and blended working, advisers will first suggest implementing the correct software and technology.
Connell said: “To help employees manage their online security, businesses should be installing reliable security solutions on all devices that handle corporate data. This includes antivirus software and the use of services that implement end-to-end encryption, to ensure that all sensitive information is covered with multi-layered security.”
Other cyber attack prevention tools that can be utilised include a virtual private network (VPN), spam filters, phishing-detection systems, advanced firewalls, malware detection, block lists, back-up protection and continuous staff training on the latest threats and prevention tactics.
However, as the threat intensifies in both volume and technical difficulty, revolutionary technologies can be used to protect companies. These include artificial intelligence and virtual and augmented reality (VR/AR).
Frederiksen comments: “AI can provide an additional security and information layer by identifying suspicious behavioural patterns. As more and more data is created, the attack surface grows, creating further access points for criminals to exploit. By integrating automation and AI, organisations can empower their teams to manage cybersecurity measures in the most effective way possible.”
Ross continues: “The virus has initiated a shift in behavioural change and rapid technology adoption. Advancements in technologies like AR/VR/MR allow people to work, talk, and socialise across an organisation platform. These technologies are affordable and readily available now and the COVID-19 pandemic has provoked a rise in a new phenomenon, where many more companies will become reliant on tools like AR and VR to work and shop. The time is right to scale technologies like AR, VR, and mixed reality and accept them as fully developed technologies that are just as reliable as laptops and smartphones.”