Remote working: The real cyber risks
When the world went into lockdown mode about a month ago, security experts were quick to point out the security risks in working from home. Undoubtedly, many companies were badly prepared to most of their employees now working remotely. But how real are these risks – and are cyber criminals taking advantage? Do companies need to worry? The answer is yes.
We at Cybersecurity Magazine had our own thoughts on what might happen in the cybersecurity industry during the Corona crisis: even though the economic consequences will be hard, the crisis might contribute to raise security awareness, leading to probably higher spendings in corporate IT.
And, we also asked around in the cybersecurity community – as expected, the increase in cybercrime during the current crisis is not only a gut feeling – it’s backed up by some pretty shocking numbers. Cybersecurity Magazine therefore decided to make remote working and cybersecurity during Covid-19 our focus topic. In various articles we give insight into how cybercriminals are exploiting the current situation, which areas are most affected and, of course, we’ll feature some guest authors who advice on how companies and remote workers can protect themselves.
Brute Force on the rise
First, let’s dive into some numbers. The most shocking number we saw was the increase in brute force attacks – a method that automates the random entry of passwords – which was reported by Varonis, a security provider focusing on securing data. They saw a spike of brute force attacks on cloud services such as Office365. Matt Lock, Technical Director for Varonis: “Before the COVID crisis, brute-force attacks made up 40% of the attacks we saw. Now brute-force attacks make up over 60% of total attacks”.
Another prominent number in recent days came from Google. The search giant saw an increase of 18 million phishing and malware emails in just one week – a daily increase of 18 million, that is! Not only Google publishes alarming numbers: A report published by Atlas VPN speaks of 22 million attacks on business in the week from April 13-19 alone.
They predict that this year will see a record-breaking number of cybercriminal activities. These numbers back up the opinions we heard when we first wrote about the actual impact of the corona crisis.
There are also other impacts. Companies who focus on technology which make working from home more secure experience a high demand, whereas other experiences mirror the sudden shutdown of the economy in most countries. A summary of what the industry is saying is available in our article “The actual impact of Covid-19 on cybersecurity”.
Security during Covid-19
So, it seems that hackers make “good” use of their time at home as well – but how can companies and individuals protect themselves? Matt Lock from Varonis suggests to focus on protecting data and detecting unusual behavior rather than trying to protect every single piece of technology. However, he stresses that securing devices, access and technology is just as important. This is why we’ve asked Anand Prasand, Co-Editor of Cybersecurity Magazine and CEO of wenovator, to present his perspective on how companies can protect their remote workforce.
As the situation around the globe is evolving – and luckily there seems to be some light at the end of the tunnel, as more and more countries lift the strict lockdown somewhat – we’ll add more articles to our special section on what impact Covid-19, an increased number of home workers and criminal attacks on technology will have on the cybersecurity industry. One thing is for certain: the world as we know it will change. “When it comes to cybersecurity, we surely hope that concepts like security by default and an increased awareness for cybersecurity – things that Alex Leadbeater from ETSI already postulated in his interview with Cybersecurity Magazine – will be given more prominence in the future.
This content is presented in collaboration with our partner