Tech Peak » Brave New World: Cybersecurity When Working From Home

Brave New World: Cybersecurity When Working From Home

by Nadya Bakhur
cyber security during remote work

cyber security during remote work

For almost two years we have been living in a new reality. We minimize contacts, leave home only if necessary, work remotely, and are constantly under the pressure of disturbing news. By putting the whole world on pause, paralyzing much of the business and destroying the usual agenda, the pandemic at the same time made many problems sound more acute. One of them is cybersecurity during the reote work.

Unlike most, the cybersecurity industry did not have to face new challenges. The problems that experts face include:

  • Identifying urgent threats;
  • Protecting corporate infrastructure;
  • Block malicious activities, including those exploiting the COVID-19 theme. 

The main change is the increased volume of these tasks caused by the transition to remote work, often with a lack of awareness of the risks that it can carry in terms of information security.

Employees of software development companies have exposed problems that many companies would rather ignore under normal circumstances. Shortly after Zoom, a well-known application for video conferences reported a series of reports of security vulnerabilities, low-cost airline EasyJet announced a breach of its information system that affected 9 million customers. The World Health Organization has reported that the number of cyberattacks on the organization has increased fivefold amid the pandemic. The organization has warned of fraudulent emails on behalf of WHO. These are just a few examples: the sharp increase in online threats connected with remote work suggests that the trail of consequences will continue after the end of quarantine.

Cyber ​​Threats In The Era Of a Pandemic

For business, December 2021 means almost a two-year milestone in remote work mode. The companies continue to adapt to the new order, trying to build their processes as efficiently as possible. The adaptation of cybercriminals has already been completed.

The companies today can quickly transfer some of the employees to remote work, giving them instructions on how to set up remote access. However, they don’t provide epployees with proper training and don’t restrict access to corporate services. 

The worldwide shift to work from home has greatly expanded the online threat map. Financially motivated criminals have become more active. For them, “remote control” has weakened the control over banks and financial organizations employees.

The high engagement of the audience on the COVID-19 topic has made malicious mailings that exploit this topic a universal primary vector of penetration. Experts from cyber security companies every day record new examples of mailings to infect users with ransomware viruses, banking Trojans or spyware, which, among others, come to corporate mailboxes of company employees. Since the beginning of the pandemic, more than 400 unique malicious mailings have been recorded.

The adjustments that the quarantine made to the plans for work trips, vacations and travel allowed the operators of phishing campaigns to significantly increase the pool of targeted brands. Since the introduction of travel restrictions, cybersecurity companies have detected phishing attacks on popular travel services such as Booking.com and Airbnb.com.

How To Defend Company’s Data When Working From Home?

One of the popular cases: during the pandemic, a remote employee receives a letter with a list of colleagues working from the office who tested positive for coronavirus. Having opened the PDF file attached to the letter, such an employee downloads the ransomware to the device, which encrypts all files and requires a ransom in cryptocurrency. Sad situation.

Remote work and the associated risks have strengthened the role of automated protection systems, which continuously monitor threats to all elements of the distributed IT infrastructure, ensuring its stability as a single complex.

Remote operation requires the creation of a “fourth wall” in the defence of the network perimeter to close it and make it inaccessible to the attacker. In this context, particular attention should be paid to solutions capable of protecting this perimeter, even though it has expanded significantly and is now not limited to the office.

Remote work organization checklist

Let’s check what measures you can take to minimize risks. Below is a checklist for managers and specialists of information security departments for organizing remote work.

Regardless of the method of organizing remote work, at the network level, you must make sure of the following:

  • Remote access to the organization’s network is protected by two-factor authentication;
  • The remote access logs are quite detailed and there is enough free space to store remote access information for the last 6 months;
  • For the period of massive remote work, the SOC is aware of the importance of closer monitoring of any abnormal activity;
  • Any connected host must fall into a separate isolated zone, from which access to the services it needs is provided;
  • External channels intended for the company’s access to the Internet have sufficient bandwidth, redundancy is provided with several Internet providers;
  • Users know and understand information security rules;
  • The differentiation of access to the necessary services for different user groups has been implemented, taking into account the principle of minimum privileges;
  • The employee is limited to one active session.

These are not all recommendations. We have collected more instructions in a Blog article on the NEKLO website. Explore our best practices on how to ensure a seamless workflow, prevent, detect and respond to cyberattacks, and defend against intruders, and stay cybersafe.

You may also like

Leave a Comment