A new study from LearnBonds indicates that 68% of major organisations (public and private) plan to increase their cybersecurity spending as a response to the COVID-19 pandemic, given the intersection of increased Work From Home (WFH) and the growth of data breaches, phishing and ransomware attacks. Experts with appviewX, Byos, Inkscreen and Gurucul offer perspective.
Threats are escalating and network boundaries are evaporating. A huge chunk of the workforce is working from home for the first time, and are often making due with unsecured devices, unapproved services, and unguarded networks. This scenario creates clear opportunities for hackers. When combined with a public health crisis that is creating confusion, desperation and general disruption to the modus operandi, you have a recipe for cyber-disaster.
For example, we have seen new sophisticated phishing attempts with messaging around the PPP and EIDL programs. There was also a scheme to redirect business payments to a new account because the original bank was closed due to the pandemic.
In the wake of COVID-19, businesses have had to quickly change their long-standing, limited remote work strategy. Most have had no time to change and implement new controls for securing data with a remote workforce. And cyber criminals are using this pandemic to increase their volume and severity of attacks at all levels.
The borderless work environment introduces a new set of cybersecurity issues. Workers are logging into corporate networks from unsecure personal devices and networks. And dealing with remote workers, a surge in temporary workers, headcount reductions, and a staggering demand for staff in some industries has radically impacted access controls across the board. Traditional security and access control measures won’t work in this new borderless emergency remote workforce state. Rules, policies and signatures are ineffective, and security and identity teams do not have enough time to change or build new rules and threat patterns. The fastest and most efficient way to solve the problem with highest efficacy is by using machine learning to perform behavior analytics and identity analytics on this ‘new normal’ – to detect and remediate malicious behaviors and access risks.
The idea of the corporate perimeter has vanished overnight and the security technologies used to protect the central corporate network have become somewhat obsolete – employees are connecting from their home, meaning they are accessing corporate resources from untrusted, insecure Wi-Fi networks. The shift to a perimeter-less, Zero Trust security strategy has been accelerated out of necessity, which would fall in line with the increased spending prediction. Organizations are forced to adapt to this new \”work from anywhere\” mentality.
Employees working from home don’t have the same firewalls, network-based intrusion detection systems, and other defenses they have in the office. This means that malware and lateral network movement, exploits and brute force attacks are common threats.
There are also often dozens of unmanaged devices connecting to our home networks: personal laptops, cellphones, gaming consoles, and home IoT. Any of these devices represent an entry point for attackers; once they\\\’ve compromised an edge device, chances are high this compromise will spread laterally throughout the home network. And once an attacker or malware gets into a device, they often go undetected, seizing or manipulating data with the ultimate goal of moving from the single remote laptop or tablet into the big prize: the company network and servers. Some basic steps businesses can take to protect themselves against cyber threats:
Digital and internet-based systems are understood to be easy pickings in the case of this pandemic. There are two primary drivers that contribute towards organizations ramping up their security policies. First, remote working has opened up protected systems (that are usually heavily guarded) to external access. Many firms might relax their access policies while neglecting to turn up the security a notch to balance it out, thus thinning the metaphorical wall that hackers would need to knock down in order to force their way into a protected environment. Second, the financial gain to be realized from exploits is a lot higher than normal now — consider the case of the hospitals that were hit by ransomware attacks, and were put in a position where the criminal simply had to name their price. Why? These institutions could not afford to be disconnected from their digital systems at a time when so many patients were so dependent upon them.
The point is that criminals believe they can reap relatively larger rewards during these trying times. It’s time for enterprises to prioritize security to an even greater extent. It’s a smart investment to deepen relationships with reputable security vendors and consultants, and implement security automation systems that will protect their digital environments now and for years to come.