As you may have noticed from the headlines, security incidents have increased significantly since the pandemic began. For a start, complaints to the FBI’s Cyber Division are up 400% from before the COVID-19 pandemic and come especially from small and medium-sized businesses.
Not surprisingly, one of the biggest reasons for this uptick in attacks is the widespread and sudden switch to work-from-home (WFH). This switch presents a sea change not just in how we conceptualize ‘work’ in the 21st Century, but how we secure scores of workers who now make up a distributed workforce rather than a single, unified ‘office’ as we’ve traditionally understood it.
In this post, we examine some of the WFH factors contributing to this rise in incidents.
The pandemic took the whole world by surprise and showed us just how unprepared we were for sudden disruption. Businesses scrambled to continue operation in the face of lockdown orders and travel restrictions. As a result, this sudden and unexpected shift to WFH meant, in most cases, a rushed implementation of tools to support an army of now-remote workers.
Because most organizations lacked the existing infrastructure to enable widespread WFH, the solutions implemented were stopgap measures for a crisis. They likely didn’t get the same level of vetting or integration that would normally be expected from an IT solution. The imperative at the time was simply to get it done and get the company back up and running.
Months later, however, these hasty solutions have settled in as standard operating procedure, as few organizations have gone back to shore up what were meant to be “temporary” fixes. With that comes the propagation of many vulnerabilities that hackers can exploit.
Distributed network threats were a problem long before the switch to widespread WFH. These threats have been a fact of life ever since the days of expensive network access. Networks then were targeted differently than they are now. For example, employees working from coffee shops gave rise to new tactics by threat actors to target these people.
Today, with the pandemic, we see a similar pivot in tactics given the changes in the world that have led to more WFH. Right now, threat actors are looking for valuable corporate assets behind poorly defended home networks and weak endpoints connected to them.
While a threat actor likely doesn’t look at it this way, businesses must balance liability considerations with how they monitor employees’ online behaviours while they are on the clock, even though they are working from home.
While it might sound Orwellian, monitoring is something that companies do all the time on corporate servers and internet connections as part of routine threat monitoring. But how can you do that when your staff is remote without risking liability? What do you monitor on an employee’s personal network, and when? What happens if an employee’s system is compromised after hours while they are doing non-work-related activities online?
The sensitivity to known risks (and potential liability) versus unknown risk (and the potential for cyber-attack) may leave gaps in coverage for hackers to exploit. Companies have to walk a razor’s edge in this new WFH world.
All the carefully enacted network-level preventions that you enjoy on your corporate systems, like nIPS, gateway firewalls, sandboxes, etc., may not be in play anymore with a workforce that is heavily WFH. Security controls are left in the hands of the host (i.e., your employee), and how can you be sure they’re up to spec?
There are workarounds you can use. You can have your employees use a VPN in such a way that their activity remains behind your firewall, for example. But getting everyone to comply can be challenging. If you didn’t have these kinds of protocols set up before the pandemic, it’s just another in the multitude of changes that can discourage employees from getting on board.
Businesses don’t have control over employees’ home networks or personal assets connected to them. What about Internet of Things (IoT) devices that connect to your employee’s home network? Are they secure? Is a neighbour piggybacking off your employee’s wi-fi signal?
These kinds of vulnerabilities may have been ignored by threat actors previously. But now they serve as the soft underbelly of your network, providing an entry point into your corporate assets.
See what we mean about the multiplication of threat vectors?
As you can see, various factors have contributed to the dramatic rise in cyber-attacks since the start of the pandemic. When considered in the light of the dramatic shift to WFH, these factors help explain the additional cyber-attacks we are seeing.
This new reality demands action from us to mitigate the risks posed to our corporate security. We talk about what steps you can take, and how managed detection and response (MDR) can help secure your systems for a WFH workforce, in our new whitepaper, Tackling the Threats in a Newly Distributed Workforce.