If there’s one thing we’ve learned over the last six months since the news of COVID-19 first broke, it’s that cyberattacks thrive on chaos. In a new post titled, ‘The Next Normal: Remote Working Revealed New Security Holes—Returning To The Office Won’t Close Them,’ WIRED reports that “hackers see change, uncertainty, and global disruption not as turmoil, but as an opportunity.”
As the global chaos of COVID-19 spread across the world back in March 2020, the World Health Organization (WHO) noticed and reported on a five-fold uptick in cyberattacks. It put out advisories warning the public about malicious email attachments and online scams tied to top-searched keywords attached to the organization such as ‘COVID vaccine’ or ‘Coronavirus cures.’
Fast forward a month or so and as most office employees suddenly found themselves working from home, remote working scams proliferated, such as fake emails from company IT teams requesting password access to enable VPN access, or impersonating the company HR department or even the CEO.
As previous tight controls on the office perimeter were loosened by necessity, a (perhaps unsurprising) champion that emerged from the chaos has been artificial intelligence-based security solutions. The disadvantages of using rigid or rules-based security products quickly became apparent, as an “infrastructure in flux” became the new norm overnight. In order to defend their workforces, companies took a leap of faith and began trialing so-called next generation security products that use the power of machine learning to supplement security teams (for example, managing out-of-hours or mobile attacks).
According to the WIRED report, “Today’s workforces are dynamic, and working can mean working from anywhere and everywhere. Cyber AI technology enabled the rapid transition to remote work, and it will continue to play an essential role in maintaining and optimizing the dynamic workforce’s efficiency as we move into the future.”
WIRED also notes that according to a recent survey by Darktrace, the main threats posed by attackers capitalizing on the cyber-chaos caused by COVID-19 include:
- Out of Hours Attacks: Throughout June 2020, over 9% of activity alerted to customers was sent during the weekend or on public holidays.
- Ransomware: Around 2% of breaches alerted to customers related to "suspicious file writes with unusual extensions or filenames indicative of potential encryption".
- Lateral movement: At least two-thirds of alerts sent in June 2020 were related to activity that showed attackers searching for and attempting to compromise other devices.
- Security-as-a-Service (SaaS) Account Hijacks: Over 1% of alerts were related to SaaS activity. Logins from unusual locations, as well as anomalous account administration, can be an early indicator of compromise.
- Banking Trojans: Banking Trojans can often be seen in conjunction with other forms of attack, such as ransomware, cryptomining infections, and data exfiltration, which means that finding the Trojans early on can help prevent further infection later.
The takeaway from all of this is that ‘the new normal’ of cybersecurity is so much more than just ensuring that employees and other corporate users don’t reuse passwords. As more companies adopt remote working tools, Internet of Things (IoT) devices, cloud platforms, BYOD, and ever-more-diverse endpoints, companies need to bake the strength of protection and early detection into their infrastructure, rather than relying on human security teams to protect their newly remote workforce.
Read the full story: https://www.wired.com/sponsored/story/the-next-normal-remote-working-revealed-new-security-holes-returning-to-the-office-wont-close-them/