BACKGROUND:
HP just released an HP Wolf Security report titled “Rebellions & Rejection” in which 83% of IT Teams believe that working from home (WFH) has become a “Ticking Time Bomb”. Report excerpts:
- Firstly, the variety and scale of threats facing organizations has meant Cybersecurity teams have been working harder than ever to keep the business safe but are now feeling burned out.
- Secondly, Cybersecurity teams have had to compromise security for business continuity, with many feeling like they’re in a catch-22 situation.
- Thirdly, Cybersecurity teams have had to cope with workers pushing back on their eff orts to keep the business secure.
<p>The findings reported by HP detailing employee pushback due to company cybersecurity policies is an interesting picture of the new challenges businesses face with workers and IT teams working remotely. One effect of employee frustration at corporate policies is to use their own equipment instead, which presents an immense risk to businesses by creating Shadow IT. With <a title=\"
href=\"https://74n5c4m7.r.eu-west-1.awstrack.me/L0/https:www.kaspersky.comblogunderstanding-security-of-the-cloudutm_source=CJutm_medium=affiliateutm_campaign=gl_b2b-cloud-mini-report_kk0084_organicutm_content=linkutm_term=gl_pr-media_organic_kk0084_link_partner_b2b-cloud-mini-reportAID=11552282PID=8904327SID=trd-gb-1759834625876865500campaign=tcid_cj_11552282_8904327_288fb52180c911eb81e602ba0a180510_x5CJ_CID=4829349CJ_PID=8904327CJ_CID_NAME=NextCommercePtyLtdCJEVENT=288fb52180c911eb81e602ba0a180510/1/0102017bcfcece85-65f28ef5-d330-4f2c-9082-21db8894092f-000000/zuuLH2Sc8GS7Jz4h_M8oKRSnIwQ=235\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https://www.google.com/url?q=https://74n5c4m7.r.eu-west-1.awstrack.me/L0/https:2F2Fwww.kaspersky.com2Fblog2Funderstanding-security-of-the-cloud2F3Futm_sourceCJ26utm_mediumaffiliate26utm_campaigngl_b2b-cloud-mini-report_kk0084_organic26utm_contentlink26utm_termgl_pr-media_organic_kk0084_link_partner_b2b-cloud-mini-report26AID1155228226PID890432726SIDtrd-gb-175983462587686550026campaigntcid_cj_11552282_8904327_288fb52180c911eb81e602ba0a180510_x526CJ_CID482934926CJ_PID890432726CJ_CID_NAMENextCommerce2BPty2BLtd26CJEVENT288fb52180c911eb81e602ba0a180510/1/0102017bcfcece85-65f28ef5-d330-4f2c-9082-21db8894092f-000000/zuuLH2Sc8GS7Jz4h_M8oKRSnIwQ235&source=gmail&ust=1631396322706000&usg=AFQjCNFkBpS3NvCRTNAncFmAQPyK_xoTHg\">more than 90%</a> of all cyber breaches being caused by human error, companies must have complete oversight of how their IT systems and hardware are being used by remote workforces. Without knowing what tech is potentially in contact with a business’s data systems, IT and cybersecurity teams have difficulty anticipating how the data belonging to a business can be potentially compromised, sold on, and even held for ransom.</p>
<p>Alarmingly, <a title=\"https://www.kaspersky.com/blog/the-human-factor-in-it-security/\" href=\"https://74n5c4m7.r.eu-west-1.awstrack.me/L0/https:www.kaspersky.comblogthe-human-factor-in-it-security/1/0102017bcfcece85-65f28ef5-d330-4f2c-9082-21db8894092f-000000/-flTz_5V-5jlb7Gp-6zvHCzaArY=235\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https://www.google.com/url?q=https://74n5c4m7.r.eu-west-1.awstrack.me/L0/https:2F2Fwww.kaspersky.com2Fblog2Fthe-human-factor-in-it-security2F/1/0102017bcfcece85-65f28ef5-d330-4f2c-9082-21db8894092f-000000/-flTz_5V-5jlb7Gp-6zvHCzaArY235&source=gmail&ust=1631396322706000&usg=AFQjCNHktzz_aW2nNPhjCjqPg5lnNj4fNw\">46% of cybersecurity incidents</a> last year were contributed to by staff lacking cybersecurity awareness and knowledge. This was primarily the result of social engineering and phishing scams, which trick individuals into compromising their own security. Cyberattacks based on scams like these are becoming more sophisticated at exploiting uninformed employees, especially those currently working in less secure remote working environments, and shadow IT only amplifies these threats. By hindering the visibility of an IT team, shadow IT diminishes their ability to provide advice and support on the potential threats as they occur – leaving employees and businesses vulnerable.</p>
<p>There has been a 72% increase in ransomware attacks since COVID19 that corresponds to the dramatic increase in work from home (WFH) and use of existing (and already infected) home computers. Bad actors can exploit such vulnerabilities and use key loggers and other MITM (Man In The Middle) attacks to appear like the legitimate corporate WFH user.</p>
<p>While enterprises and users are starting to adopt passwordless authentication methods like “phone as a token” and FIDO2 for customer and Single Sign On (SSO) portals and enterprise applications, vulnerabilities still exist across entire categories of cases such as, 3rd party sites, VPN (Virtual Private Network) and VDI (Virtual Desktop Infrastructure) environments, all of which are particularly vulnerable in the current WFH explosion.</p>
<p>Companies need to adopt a more holistic modern authentication strategy that is identity provider agnostic and can operate across all use cases in order to build true resiliency and ensure cyber defense against such actors.</p>
<p>Eighteen months into the work from home era of the Covid-19 pandemic, many IT shops still don’t have a good handle on how to enact cybersecurity outside of the office. As a result, remote workers are actively bypassing standard security restrictions in an attempt to do their jobs, and in the process opening up security holes for exploit.</p>
<p>Corporate security professionals need a better understanding of how remote workers are doing their jobs so they can work collaboratively in designing cybersecurity systems that meet those needs. Monitoring activities in WFH environments and assessing the risk of specific activities should be a cornerstone of that effort.</p>
<p>Every new access method, user pool and technology adds attack vectors and vulnerabilities to hackers. Given the zero warning of the COVID-19 pandemic, there was of course, errors and security flaws in most enterprises <span class=\"il\">WFH</span> strategy. We just saw that even the best <span class=\"il\">WFH</span> plans might be vulnerable w/ over 500k of Fortinet VPN users being exposed. </p>
<p>As with the other attack vectors, enterprises have to assume they will be breached and then ensure that rogue users access and actions are mitigated or limited. Key methodologies like Zero Trust must be implemented to ensure minimal lateral movement across the enterprise. This, coupled with reviews and alerts on the enterprise identities, is a crucial requirement to insure against <span class=\"il\">WFH</span> and other attacks. </p>
<p>Privilege escalation is usually the first course of action once a hacker gains hold of a user\’s credentials and these escalations must be detected to maintain enterprise security.</p>