WARNING: Covid-19 Increases Security Risk
While the subject line shouldn’t surprise anyone, we are beginning to see more data on the subject. Here are some examples:
Threatpost surveyed their readers about their “comfort level” regarding remote work preparedness. 52 percent – roughly half – said that they “feel” prepared for the transition. 20 percent admitted they were struggling. Given the fact that in normal times we hear about breaches every day, feeling prepared doesn’t give me a lot of comfort. 40 percent say they are seeing an increase in cyberattacks as the move to work from home. That, of course, doesn’t address the VAST majority of small and medium sized businesses that have no monitoring in place to detect such activity beyond traditional anti-virus software, which isn’t really up to the task.
13 percent of the respondents said that they were only ready to move a small part of their workforce to work from home and 5 percent weren’t ready at all.
For 70 percent of the responders, enabling remote work is new for them. I suggest this means that they don’t even know what the attacks will look like, so the 52 percent who “feel” prepared are likely optimists.
In fairness, at least 28 percent said there were “extremely” worried about cyberattacks as they move to more work from home activity.
A different Threatpost article talked about some of the issues facing organizations as they move to major remote work status.
Organizations have traditionally assumed that their perimeter security provided a strong line of defense and, historically, it has been important. Unfortunately, the rapid move to remote work doesn’t give organizations time to plan for the security implications of the move.
Already researchers are seeing an uptick in corona virus themed attacks. This includes remote access trojan (RAT) attacks that quietly take over a user’s system and silently steals their data.
As people work from home, they mix personal and business use of their systems, users get distracted or forget. The hackers take advantage of that.
Then we have a lack of IT resources. It is much easier to support users when they are located in a company office, on a company network and using company computers. Users will try to figure out how to “fix” things themselves when the help desk is not down the hall.
Home WiFi is, for the most part, a dumpster fire, as are home firewalls – if they exist at all. After all, when was the last time YOU patched your OWN home firewall or WiFi access point? When was the last time you checked the security configuration of those devices?
Any company using legacy, proprietary software is also probably at greater risk. Those systems are often designed to work in a closed environment. The software configuration might have to be changed to even work remotely.
Cyber crooks, however, get to take advantage of everything that they have used in the past to try and trick businesses and employees who are operating in a new environment that no one is prepared for and for which no one had time train employees on new and different practices.