Cyberattacks against businesses have spiked since the shift to remote work began in early 2020, says Keeper Security.
The coronavirus pandemic and lockdown forced organizations to make dramatic changes over a quick period of time. One of the biggest changes has been the shift to a remote workforce. But because of the abruptness and speed of that transition, proper cybersecurity hasn’t necessarily been followed, prompting cybercriminals to level more attacks against remote workers, devices, and assets.
SEE: COVID-19 workplace policy (TechRepublic Premium)
Based on a survey, a report released Tuesday by security provider Keeper Security looks at the types of threats aimed at organizations with remote workers and offers advice on how to better protect your workforce.
Sponsored by Keeper Security and conducted by Ponemon Institute, the survey reached 2,215 IT and security workers in the US, UK, and other countries. The objective was to determine how the cybersecurity of organizations has been affected by the move to telework.
All of the respondents to the survey were in organizations that furloughed or shifted their employees to remote work because of COVID-19. Before the coronavirus, around 22% of them had remote workers; now around 58% of them maintain a remote workforce. And since the transition, 60% of the organizations surveyed have seen a rise in cyberattacks.
Among the respondents in the US, 63% have witnessed an increase in phishing and social engineering, 52% noted a jump in credential theft, and 50% reported a rise in account takeovers. Other types of threats that have plagued organizations this year include general malware, Distributed Denial of Services (DDoS) attacks, web-based attacks, malicious insider attacks, compromised and stolen devices, and advanced malware and zero day attacks.
SEE: Cybersecurity: Let’s get tactical (free PDF) (TechRepublic)
Many of the threats have been able to sneak past traditional security protection. Some 51% of the respondents said that malware and other exploits were able to evade their intrusion detection systems, while 49% said that such threats got past their antivirus tools. As such, only 44% of those surveyed rated their security measures as effective, down from the 71% who offered the same opinion prior to the pandemic.
The survey also elicited thoughts and concerns as to how the shift to remote working has impacted cybersecurity defenses.
Lack of security. Almost half of the respondents said they worry about the lack of security in a remote worker’s environment. Specifically, IT and security professionals are most concerned about their inability to manage or control a remote worker’s physical security.
Risks to data. Respondents also worry about the risks to sensitive data. Some 71% of those surveyed said that remote workers put the organization at risk for data breaches, while 57% said that such workers are prime targets for cybercriminals looking to exploit various vulnerabilities.
Inability to respond to cyberattacks. Caught off-guard by the abrupt lockdown, respondents said their organizations were not prepared for the effect it would have on their ability to respond to a cyberattack. Some 56% said the time required to respond to an attack has increased, while 42% said their organizations have no understanding of how to defend against attacks due to remote working.
Vulnerabilities caused by Bring-Your-Own-Device (BYOD). Some 67% of the respondents said that the use of personal devices by remote workers to access business-critical applications and assets has hurt their security posture. Smartphones, laptops, and mobile devices are now considered the most vulnerable endpoints.
SEE: Bring Your Own Device (BYOD) Policy (TechRepublic Premium)
Budget constraints. Only 45% of those surveyed said their organization’s security budget is sufficient for handling cybersecurity risks caused by remote workers. Just 39% said their organizations have the expertise required to manage and mitigate risks triggered by remote working.
How to make your organization more secure
To better manage and improve your cybersecurity posture amid this shift to remote working, Keeper Security has the following recommendations:
- Require all remote workers to use authentication methods, preferably multi-factor authentication.
- Make sure remote workers who are using their own devices (BYOD) have enabled basic security features such as a PIN, fingerprint, or facial ID feature.
- Ensure that the access to sensitive and confidential information given to remote employees is based on their role and responsibility.
- Secure all types of remote worker devices–including desktop and laptop computers, smartphones, and tablets–against common threats.
- Require remote workers to keep computers and mobile devices patched and updated.
- Educate remote workers on how to recognize unusual or suspicious activity on devices being used for remote working and then contact your organization’s help desk or security center to report the activity.
- To increase the security of remote working, organizations should require periodic password changes, prohibit employees from reusing the same passwords on internal systems, and require minimum password lengths.
SEE: Password managers: A cheat sheet for professionals (TechRepublic)
“The abrupt and chaotic shift to remote work earlier this year rattled the status quo for companies in the U.S and around the world,” Keeper Security CEO and co-founder Darren Guccione said in a press release. “Unfortunately, it was fairly easy to predict this global disruption becoming a colossal risk to cybersecurity. Our hope is that by shedding some light on the complexities of what’s gone wrong, organizations will have some guidance and direction into how to strengthen approaches to security in the remote world.”