This is part of our ongoing conversation about the worldwide challenges of working remotely. To stay up-to-date on the latest insights, refer to our live page for COVID-19: Cybersecurity Community Resources. This piece was co-authored with support from Optiv.
Security teams have spent decades building up their defenses against cyberattacks. Unfortunately, having workers at home during social distancing is circumventing these protections. Home networks and personal devices are being used to access company networks and information. And most companies do not have the security infrastructure in place to handle remote work at scale.
Attackers see this as an opportunity to exploit and are going back to simple phishing and malware techniques to attempt to enter corporate networks. For cybersecurity professionals, this means we need to go back to the basics.
Why We Are So Vulnerable
Phishing attacks have gone up with the rise of social distancing. In fact, over 1,700 Zoom-themed domains have been registered since January. We’re even seeing things like “CoronaVirus Ransomware” pop up.
There are many reasons why attackers see this as an opportunity to use basic techniques to get corporate credentials. Here are just a few:
- Home networks – Home networks are not as secure as corporate networks. With remote workers accessing the corporate network via VPN, this could be a way for attackers to hop from the home network to the corporate network.
- Influx of emails – With the influx of emails relating to COVID-19 information, it is easy for hackers to send a phishing email with a link to information that a user might unknowingly click on.
- New tools – Widely used virtual collaboration tools, like Zoom, are an opportunity to use similar domains to gather user information.
- Shared devices – Employees may be sharing devices with kids who may be more prone to clicking on fake websites and entering information.
- Stress & distraction – The unique situation can lead to employees, who have been well trained to avoid phishing scams, to fall prey due to the stress and distraction they may be experiencing in their home environment.
- Less defenders – Defenders are social distancing and security admins may not have the same visibility into attacks as they had in the office. Attackers can worry less about hiding their tracks and continue to attack servers one at a time.
Actions to Get Back to Security Basics
The increased risk of attack means cybersecurity professionals need to take some basic actions to keep endpoints protected.
- Communicate to employees what to look out for. Give clear examples of phishing that may target them during remote work such as typosquatting or virtual meeting app targeting and what to look for to vet the credibility of corporate-looking emails.
- Take these 10 actions to ensure remote workers are as secure as possible.
- Wherever possible automate security tasks like testing so you can cover more with less resources.
- Take advantage of the additional help being offered by security vendors to protect remote devices. For instance, VMware Carbon Black removed endpoint limits so customers can secure additional devices.
- Stay up to date on the latest threats from the cybersecurity community.
Strengthening Remote Work Security is Good for the Long Haul
Social distancing will hopefully go away at some point, but remote work is here to stay. As more companies learn how to operate with remote workers, more jobs will transform into remote assignments. This means that the need to secure remote workers will not go away. With that perspective, take this opportunity to make security decisions that will strengthen your security posture for years to come.
View our webinar to learn more about how to provide continuous, secure access to applications across remote endpoints.