As if the battle against hackers and cybercriminals wasn’t challenging enough, the Covid-19 pandemic has created an environment even more fraught with danger for cyber security teams. A primary reason is that so many workers have been forced to work remotely at home. PWC, the percentage of full-time employees working from home because of the pandemic rose to 61 percent (from 33 percent) through the second half of March. That means more people accessing corporate networks remotely and a higher probability of “weak links in the chain” of cyber security frameworks.
While remote work access is perhaps the top concern, Deloitte’s Cyber Intelligence Centre recently highlighted several other key threat vectors that are impacting companies worldwide in the wake of the Covid-19 pandemic:
- Remote work/At-home access risks: With a huge increase of employees now working from home, virtual private networks (VPNs) have become a lifeline for companies. But a lack of cyber preparedness may lead to security misconfigurations in VPNs that can expose sensitive information or denial of service (DoS) attacks by cybercriminals.
- Delayed response by cyber security teams: Cyber defense specialists working remotely themselves and a rise in cases may lead to lengthy threat detection and response times.
- Physical security: While many will be working from home, some will be inclined to login for remote work from different locations, using shared or public computing resources and further raising the security risk.
- Experts becoming cybercriminals: With cyber security professionals facing job loss due to pandemic downsizing, some may be tempted to flip to the other side and use their skills as black hats to take advantage of the current climate.
- Inadequate business continuity plans: No one was able to foresee the Covid-19 pandemic in its entirety, so business continuity plans will likely fall short of their goals and will need to be reworked.
Specific Threats are Growing From Remote Work
Ransomware attacks—in particular–have been growing dramatically during the pandemic. There has been a 900 percent increase in ransomware attacks this year as the virus has spread. For example, a new strain was recently detected that exploited a contact-tracing mobile app meant to monitor the spread of the coronavirus in Canada. It was reported that the ransomware emerged when Health Canada was set to test the app in Ontario before a wider release. Cybercriminals released their own Android package (marketed as the official Health Canada app) on bogus websites that downloaded the CryCryptor ransomware on Android devices when accessed.
The massive remote work environment has also given rise to other threats that targeted popular video conferencing platforms like Zoom. Cyber security researchers recently identified a flaw in the Zoom app that enables hackers to inject malware code into the Zoom app and record Zoom sessions (including chat text) without anyone knowing, even when the recording functionality had been disabled. Bad actors are even harvesting Zoom user credentials and selling as many as 500,000 accounts on the “dark web.” Many organizations, like Google and NASA, recently banned employees from using Zoom to conduct video meetings.
Where are Attacks Coming From?
Cyber attacks come from all over, but in this new remote work environment, there has been a spike from traditional adversaries abroad. For example, Symantec’s Critical Attack Discovery and Intelligence Team found that a Russian cybercriminal group known as “Evil Corp” has been targeting Fortune 500 companies and was sanctioned by the US Treasury Department for allegedly stealing more than $100 million from banks and financial institutions in over 40 countries.
Along with Russia, China, North Korea, and Iran pose the greatest danger in cyberspace, according to officials and cyber security experts. Because of the generally weakened security posture caused by remote work, companies in America, in particular, are under siege.
“Zero Trust” Framework Gaining Momentum
To respond, companies are adopting a variety of distributed security measures, including what’s known as the “zero trust” framework. Zero trust treats every component of the IT infrastructure as a potential compromise. That includes every user, device, service, and the element of data. Perimeter defenses worked well when most assets existed within the firewall, but when most employees are now working remotely, the rules of the game changed accordingly. As a result, more than 70 percent of companies that are now in the reality of remote work is considering the zero-trust model.
Approach and Skills Will Make the Difference
With so many people working from home and other remote work locations, companies will need to lay out clear cyber security policies for all to follow. Employees will need to change their approach and become more sensitive to security protocols when they work remotely. But skills training for cyber security teams can also make a big difference.
Forbes recently reported that there will be 3.5 million cyber security jobs left unfilled by companies in 2020. That leaves a lot of room for the upskilling of your cyber security teams. Key certifications include:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
- Certified Ethical Hackers (CEH)
Any and all of these certifications will ensure that the people that try to stay ahead of the “black hats” will always have the education and best practices on their side to secure the “new normal” of remote work environments.