The year 2020 will be remembered for two significant events – the Covid-19 pandemic and the cyber pandemic. Governments worldwide closed their borders, imposed strict internal lockdowns, and urged people to stay at home to curb the spread of Covid-19. However, organizations were unprepared and had to allow their employees to work remotely to maintain business continuity. These very organizations were against remote working, particularly when it came to accessing confidential data, indicating their lack of readiness for remote work.
Despite this, organizations had to accelerate their digital transformation efforts to support remote work. Microsoft CEO Satya Nadella stated, “We’ve seen two years’ worth of digital transformation in two months.” Unfortunately, the rapid expansion of digital infrastructure increased the threat surface, and organizations' cybersecurity did not keep pace.
This scenario was a boon for cybercriminals who stepped up their attacks to exploit vulnerabilities in remote working. The new normal of remote work opened up novel challenges or accelerated existing ones, from social engineering campaigns to ransomware and hacktivism to unemployment fraud. The negative impact on cybersecurity resulting from the Covid-19 pandemic-driven digitalization is known as the cyber pandemic.
One example of cybercriminals exploiting cybersecurity vulnerabilities in remote working is taking advantage of an employee’s psychological state. Working from home can be overwhelming, with a combination of video call fatigue, an “always on” mentality and household responsibilities that cause mental distractions. Cybercriminals rely on these distractions to lead employees into careless decisions. They pose as trusted individuals or organizations to trick victims into sharing sensitive data with them. This type of scam is known as Business Email Compromise (BEC). The data that cybercriminals access often includes employee credentials, which can allow them to infiltrate organizations and compromise their IT systems, especially corporate payment systems.
Furthermore, cybercriminals see organizations that use a Bring Your Own Device (BYOD) approach to remote work as easy targets. Employees may not have installed antivirus software or may not regularly run it to scan for malicious files. If they access corporate files and data from their personal computers or laptops, they could expose themselves to cyberattacks. Wi-Fi networks are also much easier to attack. In short, cybercriminals are exploiting any vulnerabilities that exist in working from home, whether it’s employees’ psychological state, their fear of the pandemic (many malicious domains with Covid-19 or coronavirus terms have emerged), adoption of BYOD, reliance on a virtual private network (VPN) for access control (which is not designed for this use case), or use of videoconferencing platforms (credential stuffing scams).
Moreover, cybercriminals are increasing their efforts to capitalize on remote working. Before the pandemic, 20 percent of cyberattacks used previously unknown malware or methods. However, after the pandemic, the number of such incidents increased by 35 percent, according to a report by Cynet. For example, some new malware uses machine learning to adapt to its environment and remain undetected. Additionally, phishing attacks are becoming more sophisticated by leveraging new channels like SMS and voice (vishing). Hackers also combine data leakage attacks with ransomware to increase pressure on victims to pay a ransom.
Unsurprisingly, the cyber pandemic is full of alarming facts and trends.
There are many ways for organizations to take proactive action against cyberattacks.
- Implement security measures and industry-wide cybersecurity requirements.
- Provide cybersecurity awareness to employees.
- Leverage user and entity behavior analysis (UEBA), which analyzes the normal conduct of users and detects anomalous deviations, to counter sophisticated cyberattacks.
- Use host checks to validate individual requirements on personal devices before allowing access to corporate applications.
- Provide corporate-owned devices to the remote workforce for accessing confidential and sensitive data remotely.
- Carry out frequent cyber crisis simulation exercises to prepare the response to a cyberattack.
- Implement a zero-trust approach to cybersecurity.
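
The UEBA item in the list above, as a minimal sketch added here for illustration and not taken from any product: it learns each user's normal login hours, source countries and download volume from constructed sample events, then reports how a new event deviates from that baseline. The event fields, thresholds and function names are assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed baseline events: (user, login hour 0-23, source country, MB downloaded)
BASELINE = [
    ("alice", 9, "DE", 40), ("alice", 10, "DE", 55), ("alice", 8, "DE", 35),
    ("alice", 9, "DE", 50), ("alice", 11, "DE", 45),
    ("bob", 14, "US", 200), ("bob", 15, "US", 260), ("bob", 13, "US", 220),
    ("bob", 16, "US", 240), ("bob", 14, "US", 230),
]

def build_profiles(events):
    """Learn each user's normal conduct from historical events."""
    raw = defaultdict(lambda: {"hours": [], "countries": set(), "mb": []})
    for user, hour, country, mb in events:
        raw[user]["hours"].append(hour)
        raw[user]["countries"].add(country)
        raw[user]["mb"].append(mb)
    return dict(raw)

def deviations(profiles, event, z_limit=3.0, hour_slack=2):
    """Return the reasons an event deviates from the user's baseline."""
    user, hour, country, mb = event
    p = profiles.get(user)
    if p is None:
        return ["no baseline for user"]  # unknown entity: nothing to compare against
    reasons = []
    if country not in p["countries"]:
        reasons.append(f"new source country {country}")
    # Simple window check; does not handle shifts that wrap around midnight.
    if not (min(p["hours"]) - hour_slack <= hour <= max(p["hours"]) + hour_slack):
        reasons.append(f"login hour {hour} outside usual window")
    sigma = pstdev(p["mb"]) or 1.0  # avoid division by zero on a flat baseline
    z = (mb - mean(p["mb"])) / sigma
    if z > z_limit:
        reasons.append(f"download volume z-score {z:.1f}")
    return reasons

PROFILES = build_profiles(BASELINE)

if __name__ == "__main__":
    for ev in [("alice", 10, "DE", 52), ("alice", 3, "BR", 900), ("carol", 9, "FR", 10)]:
        print(ev, "->", deviations(PROFILES, ev) or "normal")
```

An event that trips several checks at once (new country, unusual hour, large download) is a stronger signal than any single deviation, which is why the function returns every reason rather than a single yes/no.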
In a nutshell, companies need to make their remote working practices resilient to cyberattacks and enhance their development and application of security measures. They have to apply the lessons the pandemic taught them to limit the risks related to cyberattacks by being prepared to react quickly to unforeseen events.