There’s a pandemic that is sweeping the globe. COVID-19. As states impose social-distancing measures, most businesses are requiring their employees to work from home. With this huge shift in the workplace, it brings a whole new set of cybersecurity challenges for employers.
Cybercriminals are cashing in on this rush to work from home, they are ramping up their tactics to take advantage of those who may have inadequate or naïve security postures as a result. With schools shut down, E-Learning is also occurring in the home, while parents are working form home as well, which offers an attractive opportunity for cybercriminals.
Working from home or using online education programs is not new. However, a large, immediate migration of people from enterprise and university networks that are closely monitored and secured, to largely unmonitored and often unsecure home Wi-Fi networks, creates a huge opportunity for hackers. These cybercriminals are outside the reach of perimeter-based security tools and will likely have higher exposure to phishing and network attacks.
Attackers have been capitalizing on COVID-19 – themed cyberattacks as panic around the pandemic continues – including various malware attacks involving Emotet (a Trojan that is primarily spread through email) and other threats. The World Health Organization (WHO) has issued warnings about scammers pretending to be the organization. Attackers are looking for the vulnerable and are capitalizing on people’s fear of the virus. For example, if an individual is more stressed about COVID-19 they are more likely to forget their security training and more likely to click on a link in a phishing email or give their credentials to a malicious website. Now is a great time to warn employees to be extra cautious, and really look at an email’s validity before clicking on any links. If you are unsure about the validity of an email, the safest bet is to delete it.
A lack of IT resources can be detrimental to organizations as they rush to enable remote strategies. When workers and students are sent outside the normal perimeter, managing device sprawl, and patching and securing hundreds of thousands of endpoints, becomes a much bigger challenge. Essentially the security team loses control of the environment in which the user is working. Is the worker’s home Wi-Fi secured? Are they using a personal computer? If so, what mechanisms do you have to ensure that device isn’t compromised? Now the situation has been created where the organization’s network perimeter now includes all their employees’ homes. Some security programs are ready for this, but some are not.
Fortunately, there are some steps organizations can take right now to help tighten security. Take an inventory of all business applications used and identify the most critical ones. For SaaS applications (third-party provider host, ex. Cloud computing), follow up with the service provider and inquire about their business continuity plans. For any on-premises applications that would require VPN connectivity, test and validate that VPN connectivity for higher utilization than usual. Make risk-assessments of remote workers’ computing setups. Ask employees how they will connect to the organization’s systems, and what devices will they be using to connect.
Lastly, considering most cybercriminals prey on the element of human error, user education is critical. Make sure employees and students are up-to-speed with the latest information on COVID-19 and that they know how to protect themselves and their families from the virus itself, as well as all the hackers looking to capitalize in its wake.