The COVID-19 crisis has resulted in a huge surge in cybercrimes, one that does not show any signs of abating. Organizations urgently need to strengthen their cyber defenses, as business survival and managing remote working situation along with the gradual return to office emerge as the top priority.
The coronavirus pandemic has not just resulted in economic turmoil but also a massive increase in cybersecurity risks. Since February 2020, the number of cyber-attacks has skyrocketed. Statistics from the World Economic Forum (WEF) indicate that data fraud and cyber-attacks are the third-largest COVID-related business concern, ranked after the surge in corporate bankruptcies and the global recession.
As the world adapts to the ‘new normal,’ many enterprises plan to transition back to the office. This means emergence of a new set of challenges that workplaces need to overcome to ensure a safe return to work. This results in additional cybersecurity concerns that arise from the swift reintegration of remote workers.
While most of the attention was focused on protecting staff from the risk of illness, many businesses may have made the mistake of overlooking other equally invisible but serious threats in the form of security compromises. Threat actors have been busy exploiting new vulnerabilities exhibited by remote workforces over the last few months.
With the sudden switch to remote working, there emerged an increased reliance on personal devices such as USB drives, mobile phones, personal computers, and other office-related work devices. If these personal devices are compromised, they can pose a serious threat to an organization’s infrastructure as soon as they connect to the internal network. It’s almost like a sleeper cell laying low until the time is right to strike.
These risks can severely impact organizations irrespective of their size unless the necessary steps are taken.
User behavior has been one of the greatest weak points in the cybersecurity defenses of an organization. With the coronavirus pandemic, even the average employee turns into a heightened potential security risk, one that they are completely unaware of.
Opportunistic cybercriminals are on the lookout to target vulnerable organizations, which may have weak security infrastructure in place during this difficult time. The risk when cybersecurity is de-prioritized by businesses is that cybercriminals can target untrained, susceptible remote workers with sophisticated and realistic-looking phishing attacks. Also, hackers are now playing on people’s concerns about the situation, their natural need for information and interaction to launch cyber-attacks.
There is a pressing need for organizations to educate employees about cybersecurity, methods used by hackers, and what the employees as end-users should do to protect themselves as they work remotely.
Returning to the Workspace
A multi-pronged approach is needed to stop sleeper cell-style attacks before the demands get activated. Organizations should strengthen the protection of their remote workers. Detection of abnormal authentication such as brute force attempts on VPN can help diminish some of the risks.
Whenever employees return to the workspace, the devices they bring with them should be ideally quarantined in a separate space until they have been scanned for vulnerabilities and hidden malware. Deep inspection of web proxy traffic and DNS can help identify malware sending command and control instructions hidden in DNS communications or the HTTP.
These measures make it tough for threat actors to escalate privileges and move laterally through the network without being detected. Behavioral analytics also helps detect the subtle signs of an imposter using a compromised device or stolen credentials.
Cybercriminals deploying sleeper cell strategies are some of the most patient criminals around, biding their time to execute their strike and seize their prize. But with the strong security measures and right precautions in place, organizations can ensure the threat actors will have gone to all that trouble in vain.
In the new normal, CISOs and organizations need to remain vigilant to various forms of vulnerabilities and risks that may appear once employees start returning to the workspace. Even though the health of the employees remains the top priority while planning the return to work, organizations must also give due importance to the cybersecurity aspect to safeguard their systems and data.