by David Wren
A transition back to work creates the change that bad actors need to exploit your users!
As cyber criminals are leveraging the pandemic, we must also be prepared to answer any attacks on data and systems with early response. The disruption caused by a swift transition from working in an office to working from home has created the opportunity for bad actors to phish, exploit, and undermine the security of organizations. We have an opportunity to get ahead of these attacks by paying close attention to our employees, our data, and our devices. Following a return to the office, attackers will once again take advantage of the disruption to gain access and exploit our networks, data and people.
Our transition back to a socially distanced workplace, introduces security complications and additional attack vectors. Enforcing Authentication and password policies for in-office, at home and transitional employees acts to safeguard our trust in digital communication and protect our network in the occurrence of another stay at home order. Those policies prevent false authentication and inhibits bad actors seeking to gain access to systems and data.
Organizations affected by the pandemic should invest resources in expanding flexible work capabilities to protect the current and future workforce. Without proper long-term implementations, how employees connect and interact with our remote services can lead to vulnerabilities and the instability of networks and business cycles. Cyber criminals realize that the workforce is operating under unusual schedules, flex time and nontraditional computing resources, and an increased reliance on digital communication to remain productive.
The change in workplace and organizational operations was the catapult to increased threat actor activity with phishing and email scam attacks in an effort to capitalize on the workforce’s uncertainty and relaxed security awareness. Traditional email and spam filters have not kept up with evasion techniques threat actors utilize today. The FBI reports that Business Email Compromise (BEC) is one of the most common methods that hackers use to commit fraud in the St. Louis region. There are additional tools to help prevent email spoofing and other advanced evasion methodologies. Current phishing threats are still 30 to 40 times more than pre Covid-19 levels, and the majority are related to the pandemic and economic recovery to include exploiting the PPP and SBA efforts.
A great deal of attacks can be prevented with proper training and testing is followed on a regular basis. Also, onboarding practices must be adapted to provide training on the organization’s policies and practices for new employees. Providing constant training and clearly communicating security expectations gives the workforce the right tools to defend against savvy attackers.
As organizations begin to reopen the office, many employees will be returning with company laptops and storage devices that were on the home network. The influx of computing assets presents a double threat of malware spread and data access control.
The introduction of partial work from home schedules for the majority of Americans results in decentralized operations and this change in normal operation results in an increased attack surface with additional levels of vulnerability. This includes added ingress/egress points for bad actors to exploit.
Many companies are implementing a rolling schedule of allowing some employees into the office only on certain days. This change in scheduling will result in high amounts of data being moved whether that be on a physical device or over a digital connection. Any physical restrictions or security can not be relied on to protect data from leaking. Ensuring the access being provided has the same security assurances at home is essential in creating a fluid workplace between the office and home. It is important to implement some digital monitoring tools to inspect traffic flows in addition to endpoint and device security.
Creating a work from home data policy acts to protect the organization’s data by setting expectations and enabling enforcement. Communicating data management policies and setting a precedent of security for data handling outside of the workplace can greatly improve organization security. Data security is a crucial component in our overall pandemic security strategy. With the onset of the COVID-19 pandemic, employees are required to have access to organization data both in office and at home as the virus forces us to open and close our workplace following outbreaks.
Cyber criminals are taking full advantage of the circumstance brought on by the COVID19 pandemic and the economic recovery. Having foundations and expectations for data security can prevent the mishandling or leaking of sensitive information.
David Wren, CISM is President of Network Technology Partners, a regional Cyber Security Intelligence firm headquartered in St. Louis, MO. He can be reached at firstname.lastname@example.org.