The Covid-19 pandemic has been playing havoc with nations for almost two years. Cybercriminals and clandestine networks are capitalizing on the situation to profit off the workforce and organizations. By shifting from on-site work to Work-From-Home (WFH) and teleworking, global businesses have inadvertently created a broad attack surface for cyber pests. IT departments at hospitals and in other industries are staying vigilant because of ever-growing malware variants and social engineering attacks.
Since WFH has become a global demand, both national and international companies have been badly affected by the exponential growth of cyber-attacks. According to computerweekly.com, many Chief Information Officers (CIOs) in Saudi Arabia have quickly adapted to the security challenges posed by staff working from home. The lockdowns across the globe led to a massive surge in remote working, virtual education, online shopping, and Zoom meetings, which opened the floodgates to cybersecurity threats and attacks.
According to the McAfee Threats Report 2020, cyber-attacks witnessed a massive surge (605%) in the second quarter of 2020. In fact, the WFH business model requires the workforce to work remotely through cloud computing. McAfee reported 7.5 million attacks on cloud users.
Governments and businesses must figure out ways to stay safe in the face of notorious Covid-19 themed cyber-attacks. In this guide, we will shed light on WFH, potential cyber threats to staff working from home, and remedial measures.
What Are the Potential Cyber Threats to Staff Working from Home?
Covid-19 and cyber-attacks on remote workers have brought businesses to a standstill. Cybersecurity threats and attacks are increasing exponentially. Reuters reported that cybersecurity threats and attacks, such as malware, ransomware, and phishing, grew from fewer than 5,000 per week in February 2020 to more than 20,000 per week in April 2021. The U.S. Federal Report also reported an intense spike in the number of cyber-attacks, most of them malware and phishing attacks. Threat actors were exploiting the inadequacy and fragility of the IT infrastructure that could support remote working.
As per Google’s Threat Analysis Group, 18 million malware and phishing Gmail messages related to Covid-19 are being detected per day.
According to Maen Ftouni, a country manager at email security firm Mimecast, cyber threat actors are carrying out different cyber-attacks, such as ransomware, impersonation, and phishing to compromise office networks, cloud services, and remote employees.
The following graph demonstrates WFH arrangements that open up new possibilities for cyber-attacks.
Moreover, the attack surface has been expanded due to the massive use of personal devices, such as home computers, phones, tablets, and other digital devices. Many of these devices are not effectively optimized for security.
Vulnerable Targets and Targeted Locations
Since most employees are working from home, there is a high dependency on home computers, tablets, and mobile devices. Therefore, organizations, as a last resort, allow their staff to save company data on home computers, but unfortunately, these devices are not as secure as corporate systems. A home setup lacks defense-in-depth measures, such as an Intrusion Prevention System (IPS), an Intrusion Detection System (IDS), a Security Information and Event Management (SIEM) tool, a Security Orchestration, Automation, and Response (SOAR) system, and more.
Moreover, corporate data is being stored in innumerable targeted locations due to distributed employees. As a result, threat actors are capitalizing on this situation to attack home computers.
Too Much Data Sharing on the Internet
Data at rest is more secure than data in motion or in the cloud. If the computer system is switched off, no one can access the data even if the system is not properly protected. Working from home enables malicious actors to intercept data that is being transmitted over the internet. Innumerable employees are sharing too much data on the internet, which can include Personally Identifiable Information (PII), banking details, credit card data, corporate secrets, and so forth.
Hence, the confidentiality of sensitive data is highly at risk. Public internet connections are often insecure. Most employees aren’t security savvy. They lack cybersecurity training and awareness.
Lack of IT Support
Almost every modern organization includes an IT department that assists employees in resolving their IT-related issues, including cybersecurity issues. Today’s enterprises incorporate Security Operation Centers (SOCs) that are equipped with highly skilled cybersecurity professionals and industry-leading security tools, such as SIEM and SOAR. A work-from-home environment lacks these security facilities. Distant security approaches aren’t as effective as on-site security strategies. Therefore, most security issues remain unresolved, which further leads to data breaches.
Bad Impact on Businesses
There is a climate of uncertainty, fear, doubt, and urgency. Even people’s bread and butter or incomes are lost, reduced, or threatened. Health crises are in the limelight. The social and political spectrum has also become unbalanced and fragile. Regulatory bodies are creating new rules, regulations, and advice that are sometimes awkward for the masses. For instance, people are hardly following the social distancing rules.
Precautions: How Can I Safely Work from Home?
The threat landscape is changing by leaps and bounds. It is indispensable for businesses to ensure strong cybersecurity resilience. Effective Security Operation Centers (SOCs) that provide 24/7 threat detection, monitoring, and threat hunting are the need of the hour. More importantly, SOCs should also be equipped with highly skilled cybersecurity professionals.
According to the Financial Stability Board (FSB), which coordinates financial rules for the G20 group of nations, financial firms should enhance their cybersecurity defenses against skyrocketing cyber-attacks that are occurring due to the increasing need for WFH.
In the next sections, we will delve into some best cybersecurity practices and tools that are of paramount importance for robust cybersecurity resilience.
Create a Strong Password
Passwords are weak points in the access management system. Remote users should create a strong password to thwart password attacks. To this end, use at least 8 characters, combining numbers, special characters, and upper- and lower-case letters. Don’t use common passwords, such as a country name, first name, or last name. Don’t use obvious passwords, such as 0000 or 1234.
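The rules above can be enforced at the point where a remote user sets a password. The following is an added example, not part of the original article: the function names, the small denylist, and the sample personal details are constructed for illustration, and the check for "obvious" passwords generalizes 0000 and 1234 to any repeated or sequential run.

```python
import re

# Constructed denylist; the article names 0000 and 1234 as obvious passwords.
COMMON = {"0000", "1234", "password", "qwerty", "letmein"}

def _is_run(s: str) -> bool:
    """True for one repeated character (0000) or a sequential run (1234, dcba)."""
    if len(s) < 2:
        return False
    steps = {ord(b) - ord(a) for a, b in zip(s, s[1:])}
    return steps in ({0}, {1}, {-1})

def password_problems(password: str, personal: list) -> list:
    """Return the rules that `password` breaks; an empty list means it passes."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    classes = {
        "a number": r"[0-9]",
        "a lower-case letter": r"[a-z]",
        "an upper-case letter": r"[A-Z]",
        "a special character": r"[^A-Za-z0-9]",
    }
    for name, pattern in classes.items():
        if not re.search(pattern, password):
            problems.append(f"missing {name}")
    lowered = password.lower()
    if lowered in COMMON or _is_run(lowered):
        problems.append("obvious or common password")
    # Country, first name, last name: reject them anywhere in the password,
    # ignoring case, so "Jordan#2021x" does not slip through.
    for word in personal:
        if len(word) >= 3 and word.lower() in lowered:
            problems.append(f"contains personal detail: {word}")
    return problems

if __name__ == "__main__":
    me = ["Sara", "Khan", "Jordan"]  # constructed first name, last name, country
    for candidate in ("1234", "Jordan#2021x", "t7#Rw!pQ9z"):
        print(candidate, "->", password_problems(candidate, me) or "ok")
```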
It is rightly said that “anticipation is better than realization.” Organizations should proactively look for cybersecurity threats and attacks. Proactive measures involve identifying Indicators of Compromise (IoCs) and security vulnerabilities that can potentially lead to data breaches if they aren’t properly addressed by vulnerability managers and other security professionals. Organizations mostly use the “Threat Hunting” approach to proactively hunt cyber threats.
Avoid Shady Salesmen
Don’t be curious about online buying. Fake online vendors often create a sense of urgency to get consumers to buy fake products, enter confidential information on bogus websites, or download malicious software. Be careful about suspicious advertisements and promises that are “too good to be true.”
Create Data Backups
Data backups are essential to save data from being damaged. For example, a ransomware attack encrypts data and requires a victim to purchase a decryption key to decrypt it. If you already have a backup copy of your data, you don’t need to pay anything to hackers. Therefore, create a data backup on an external hard drive so that you don’t suffer harm in the event of a data breach.
Beware of Social Engineering Attacks
Social engineering attacks on employees are very common. Don’t share your credentials on social media sites or any other unknown site. Avoid opening suspicious emails and malicious attachments. Report suspicious activities to the IT department.
Implement Two-Factor Authentication
Simple passwords can easily be broken by cyber criminals through the use of different password attacks, such as brute-force attacks, dictionary attacks, and rainbow tables. You need to employ Two-Factor Authentication (2FA) to secure your authentication system, such as a login account. 2FA requires two or more pieces of evidence before granting access to the system or resources. In two-factor or dual-factor authentication, the first factor is a password and the second can be one of several factors, such as a fingerprint, a facial scan, or a security token.
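The two-factor check described above, as an added example that is not part of the original article: a login that requires a password and a code from a security token. The token is assumed to be a standard time-based one-time password generator (RFC 6238); the account record, salt, and sample password are constructed, and the secret is the RFC's published test key.

```python
import hashlib
import hmac
import struct

def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """Time-based one-time password per RFC 6238 (HMAC-SHA1, RFC 4226 truncation)."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # low nibble of the last byte picks a 4-byte window
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def hash_password(password: str, salt: bytes) -> bytes:
    """Slow salted hash so a stolen record resists brute-force and rainbow tables."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def login(record: dict, password: str, code: str, now: int) -> bool:
    """Grant access only when BOTH factors verify."""
    # Factor 1 (something you know): constant-time compare of password hashes.
    knows = hmac.compare_digest(hash_password(password, record["salt"]),
                                record["pw_hash"])
    # Factor 2 (something you have): the token code for the current 30 s step,
    # or one step either side to tolerate clock drift on the token.
    has = False
    for drift in (-30, 0, 30):
        expected = totp(record["totp_secret"], max(now + drift, 0))
        has |= hmac.compare_digest(expected.encode(), code.encode())
    return knows and has

# Constructed account record; the secret is the RFC 6238 test key.
SALT = b"constructed-salt"
RECORD = {
    "salt": SALT,
    "pw_hash": hash_password("t7#Rw!pQ9z", SALT),
    "totp_secret": b"12345678901234567890",
}

if __name__ == "__main__":
    print(login(RECORD, "t7#Rw!pQ9z", "287082", now=59))  # password and token code
    print(login(RECORD, "t7#Rw!pQ9z", "28708x", now=59))  # password alone
```

A production verifier would also remember the last accepted time step per account so that a captured code cannot be replayed inside its validity window.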
Implement Vulnerability Assessment
Vulnerabilities are security weaknesses in the corporation’s existing IT environment. Bad guys can exploit vulnerabilities to penetrate your corporate systems and networks. Vulnerability managers must eliminate security vulnerabilities in a timely manner to avoid a big nightmare. As a matter of fact, vulnerabilities can pave the way for notorious data breaches. Vulnerabilities can be addressed by using vulnerability management programs, such as Nessus, InsightVM, Qualys, Tripwire IP360, and GFI LanGuard.
Apply Patch Management
To deal with poor cybersecurity hygiene, security teams must apply patches across all operating systems, utility programs, and all types of applications, such as Microsoft Office, Adobe Photoshop, and so forth. Patch management programs should be periodic. All software programs should be up-to-date and effective in the face of the latest cybersecurity threats and attacks.
Initiate a Security Training and Awareness Program for Your Employees
According to security analysts, employees are the weakest point in the cybersecurity paradigm. Just clicking on a malicious link or downloading an infected attachment can play the devil with the entire corporate network. Hence, organizations must initiate a security training and awareness program to inculcate cybersecurity-related knowledge, including best practices such as:
- Don’t click on suspicious links
- Never download anonymous files
- Don’t pay heed to gifts or huge rewards offered in exchange for nothing, such as no service or no labor
- Report suspicious emails to the concerned IT department
- Use spam filters
The Bottom Line (Conclusion)