Home workers represent one of the biggest vulnerabilities to an organization’s cyber security network. Connected to a home network and without the more comprehensive cyber protection afforded by working from an office, remote workers can be a hacker’s dream, offering multiple avenues of attack.
Bad actors and cybercriminals excel at taking advantage of every flaw, every vulnerability in a system. The current pandemic presents huge opportunities for malicious players willing to profit from stressful times and an atmosphere of fear. Cybercriminals are, and always have been exceptionally adaptable, and in order to be able to remain safe, businesses must match this adaptability.
During the pandemic, the rate of computer viruses reported has increased significantly. The first quarter of 2020 is the perfect example of how cybercriminals took advantage of an ever worsening global situation. January saw a 17 percent increase in viruses, while February saw a 52 percent increase, and March a staggering 131 percent increase, as compared to the corresponding months in 2019. This increase in viruses corresponds with a related increase in phishing attacks, with an average of around 600 new attacks reported every day.
Curiously enough, the same reports have shown that more traditional attacks (botnets, IPS triggers etc) have been dropping off, which indicates how bad actors have optimized their approaches with methods specifically tailored to the current situation.
How are cybercriminals targeting remote workers?
Although the end goal of attacks on remote workers is to steal personal information or to gain access to the company’s network in the hope of extorting money, most start off with phishing. These social engineering-style strategies are designed either to discover enough relevant information to allow bad actors to generate system credentials, or to contain dangerous payloads – ransomware, viruses and remote access trojans.
These malicious packages allow cybercriminals to gain access, remotely, to endpoint systems, and even carry out Remote Desktop Protocol actions. These are usually tightly controlled, but the pandemic times have seen a significant increase in RDP actions, as the huge increase in teleworking has led to the rapid construction of additional IT infrastructure. This new infrastructure, created to enable mass remote working, often does not include the levels of protection that would otherwise exist, including a lack of firewalls or endpoint detection and response solutions.
As businesses pivoted to a remote working scenario so quickly in March and April, not everyone was fully prepared for a full complement of home workers. As a result, some companies found they did not have sufficient appropriate equipment to make remote working secure, in particular when it came to laptops and work phones. Staff who were not previously equipped for a home office situation now tend to be working with their own personal devices, which are unsecure, and used for a variety of non-work related functions. This can expose networks and systems to the malware contained within phishing attacks.
A further complication is the fact that these ‘work’ devices are connected to the home network, along with other computers, games consoles, entertainment systems and even smart appliances, the ‘internet of things’. Hackers don’t have to attack the ‘work’ device directly, if they can gain access to a home network through a partner’s computer, a Google Home device or even a smart doorbell!
How can we protect remote workers?
Remote working looks set to be with us for a while, partially due to the continuing global situation, and partially because organizations have begun to appreciate the benefits it can have as a way of working. However to remain successful and sustainable, companies must be able to protect themselves, and eliminate vulnerabilities. Here are a few things you can do to make home working safer for your employees and your network.
Constant education, training and awareness raising for your staff is one of the best ways to stay safe. So many malicious attacks start with a human element, whether carelessness or through social engineering, so ensuring your staff know what to do and how to stay safe and alert is half the battle. Familiarity with the most common types of attacks, and courses on cybersecurity hygiene and best practice can make a big difference, and should be an ongoing part of any training programme.
An endpoint detection and response solution is vital for organizations with numerous remote workers. EDR solutions are useful tools for both prevention and cure, defending against attacks and responding to attacks that have already occurred.
AI and automation
AI and automation are vital components of any modern cybersecurity network. They are able to compliment cybersecurity teams with vastly increased response time and the ability to analyze far greater amounts of data, as well as using machine learning to automatically detect potentially suspect or malicious activity. AI cybersecurity allows organizations to become far more proactive, identifying and preventing threats before they arise, rather than just dealing with the fallout.
While hackers and bad actors have taken advantage of the pandemic and targeted the resulting vulnerabilities, fear and uncertainty, this doesn’t mean that businesses should panic. With the right measures in place, and by continuing to adhere to good practice in cybersecurity, organizations have the tools and the knowledge they need to keep themselves and their employees secure.
If you want to know more about cybersecurity and how to stay safe, get in touch with our experts who will be happy to discuss how you can protect your business and your employees.