The coronavirus changed just about everything — and cybersecurity didn’t make it out untouched either.
As economies shut down and companies rushed to send their employees to work from home, the threat of cyberattacks escalated for nearly every industry as they relaxed their cybersecurity makeup and stretched resources thin.
More than 80% of global organizations experienced increased cyber threats during COVID-19, and as companies choose to work from the cloud and keep employees remote, the threat changes.
Cybersecurity practices must change with it.
Remote work or hybrid models aren’t going away. Such models help increase the hiring pool for organizations and an increasing number of job candidates prefer to work remotely.
To cope with the onslaught on the pandemic in 2020, companies speedily changed their IT infrastructure to maintain up to a ten-fold surge in remote workers who used their computers more heavily for things such as zoom meetings, according to a Netscout report from 2021.
During that shift, employers and employees relaxed cyber security hygiene, rules and policies.
There was a spike in DDoS attacks that exploited such overhauls, targeting on-premise VPN concentrators. A shift to remote working meant attacking a VPN could disrupt an entire organization instead of 10-20% of the workforce pre-pandemic.
Ransomware attacks surged during the pandemic as well, with a marked spike in attacks on hospitals and the education sector. Fortinet’s 2021 Global Threat Landscape Report stated that ransomware attacks increased 10.7 times between November 2020 and 2021.
Some of the risks involved with remote work during the pandemic include:
- Staff working without employer-supplied PCs were allowed to connect their own devices to the enterprise network, leaving the business exposed to whatever software was or wasn’t running on them.
- Staff who were issued employer-supplied computers exposed companies to risk by using the computers for personal use.
- Children and other family members used the same home network as the employee, increasing the number of entry points for cyber attackers.
- Remote access left businesses at the mercy of whatever security was or wasn’t supported by the employee’s home wi-fi network.
- Multiple devices shared the same home router, including the work computer, doorbell, washing machine, vacuum and other smart devices.
All of these risks continue as remote work remains part of the business. Employees must recognize that they are an extension of the company’s network, which means they’re a potential entry point.
If anything, the pandemic has taught employers and society the importance of segmenting network domains at home and truly keeping your work and home life separate — even if they’re housed in the same building.
It’s also showed the importance of practicing good cybersecurity hygiene and preparing a plan in case of a cyberattack (and rehearsing said plans).
Here are some things remote employees should know:
- Cybersecurity hygiene: good password policies are just as important at home as they are in the office, and working from an employee’s home network means all family members should have a basic understanding of cybersecurity.
- Maintain a secure workstation: this means not allowing any other family members to use your work devices and ensure you aren’t leaving confidential information visible to others
- Employee education: Employees need to understand what attacks look like, what forms they can take, how sophisticated they have become, what the impact is of an attack and what they should do if they suspect they’re being targeted
Security teams are focused on fixing the mistakes made during the pandemic to return to a healthy pre-pandemic cybersecurity.
But in the long term, it’s impossible to “return to normal” IT service architecture and security. The relaxed security of the pandemic is a mistake as well. Instead, businesses must “plug the holes” in the new model that emerged during the pandemic.
That involves going back and enforcing routine technology hygiene, such as implementing cloud security controls in development environments, ensuring exposed VPN concentrators aren’t easy to identify by attackers, and upgrading to a dedicated DDoS protection capability rather than relying on insufficient protection features.
While our world seemingly shut down for months during the pandemic, cyber threats and attacks evolved. Businesses should adapt to protect themselves and their employees.