Will an increase in remote working lead to more cyber attacks?Security expert predicts at least a 30-40% increase in cyber attacks during the coronavirus pandemic as remote working increases
Remote working cyber attacks
The vulnerability of endpoints, from mobile phones and laptops through to home computers will be exploited by cyber attackers to gain access to corporate networks during enforced coronavirus remote working, according to Dave Waterson, CEO at security protection software company, SentryBay.
He predicts that cyber attacks exploiting endpoints will rise by at least 30-40%.
Speaking as hundreds of thousands of employees start to work from home as the coronavirus spreads, Waterson urges companies to quickly ensure that they don’t allow unprotected devices to open the door to cyber criminals.
“Already malicious actors are targeting people with phishing emails, and there is much worse to come,” he commented.
“Endpoints are notoriously vulnerable, with as many as 42% being unprotected at any given time. With so many people using compromised laptops or home computers to log-in to the corporate network, they are creating a weak link in the security chain, and potentially devastating damage to their employer at what is already a very testing time.”
Waterson is anticipating that because over two thirds of security breaches already originate at the endpoint, the huge rise in remote working is likely to lead to a sharp increase in cyber-attacks as a result of this vulnerability.
“Not only are people moving on to unmanaged devices and home computers outside the corporate perimeter, which may only have inadequate anti-virus software protection, but they could also access the corporate network from tablets or phones without realising they have no protection,” he said.
“Most enterprises have little or no control over what software is running, or has previously been executed on these devices, and limited mechanisms for checking and addressing these deficiencies.”
SentryBay’s advice to organisations is to use security solutions that are specifically designed to protect data entry on Bring-Your-Own-Device and unmanaged devices, particularly into remote access apps like Citrix, VMWare, WVD, web browsers and Microsoft Office applications. Browsers that access the corporate network should be locked down, including URL whitelisting, enforced certificate checking and enforced https.
A remote working guide: how can UK businesses prepare for an Italy-style Covid-19 lockdown?
Remote working: defend the email
Companies all across the UK are sending their workers home, and so the need to protect these workers, their devices and corporate networks is paramount.
Beyond Encryption, for example, a Hampshire-based cyber security firm, has followed in the footsteps of Silicon Valley by trialling a remote working policy in the wake of Covid-19.
With the fears surrounding the Coronavirus outbreak worsening by the day, businesses are already relying on technology for remote working.
According to Cisco Systems, WebEx meeting traffic connecting Chinese users to global workplaces has increased by a factor of 22 since the outbreak began. Traffic in other countries is up 400% or more and specialist video conferencing businesses have seen a near doubling in share value, when the rest of the market is shrinking.
Reliance upon email communications will increase significantly but basic email security has remained unchanged for 30 years. Many smaller businesses are still likely to be using outdated Simple Mail Transfer Protocol (SMTP) when sending or receiving email. As such, the default state of all email services is unencrypted, unsecure and open to attack — putting crucial information at risk.
Ensuring external email communications are protected and not susceptible to interception and abuse will be increasingly important.
Paul Holland, CEO of Beyond Encryption said: “With remote working a likely outcome for many of us in the coming weeks, the security and reliability of our electronic communication will be a high priority.
“We decided to road test our own remote working policy to ensure that we truly practice what we preach, that our meetings and conversations were unhindered, and, indeed arguably, we operated more efficiently!
“Many other companies, large and small, are already trialling their remote working policies, from those in Silicon Valley to us here at Beyond Encryption. As well as protecting our health by working from home, it’s important that we also protect our communications and data,” added Holland.