Many of us don’t like to think about what was happening in our businesses one year ago. Companies were cutting services, sending people home, and even shutting down entirely to prevent the spread of COVID-19. Sadly, some didn’t make it through the pandemic, and others faced difficult times. But there is good news: many companies did make it and some even thrived. The hard times led to innovative approaches to work, productivity, and communication.
Throughout the confusion, organizations forced to focus on the logistics of having employees work remotely might have overlooked important cybersecurity considerations. And, if some of those same employees start coming back to the office post-pandemic, they might find a different cybersecurity landscape from the one they remember.
No matter what your company’s configuration is in the coming months — work from home (WFH), work from the office, or a combination of the two, as we do here at BairesDev — you need to be aware of recent trends, changes, and developments. Here we explore important considerations as the business world transitions from the new normal to the next normal.
What to Expect
Cybercriminals may be devious and unethical, but one thing they’re not is stupid. They’re very aware of what’s going on in the world at any given moment and are ready to exploit the weaknesses they observe. As more employees started working remotely when the pandemic began, they ramped up their efforts to fool workers into divulging credentials that could enable them to get access to sensitive information such as customer credit card numbers.
Since then, as arrangements have changed, perhaps multiple times, cyberthieves have continued to take advantage of the chaos. Their tricks include sending an email message to a worker that looks like it’s from their boss, asking for their home router password, or the credentials to log onto a system that contains private customer information. This type of incident (known as phishing) and many others are likely to continue.
The following video describes additional variations of a phishing attack:
Old Threats Are Still a Problem
Pre-pandemic attack approaches are still a threat, and some even more so than a year ago. Let’s take a look at several popular types of attacks and what has changed in recent months.
- Phishing. First, a bit more about phishing. In addition to the scenario mentioned above, in which an employee receives an email ostensibly from a boss asking for login credentials, this trick can take other forms. A worker may receive an email containing a link that goes to a fake website asking for such information. In all cases, the victim is asked to provide information that enables hackers to access company systems.
Employees returning to the office may be distracted by the transition and less diligent about avoiding these types of attacks.
- Ransomware. A ransomware attack involves cyber criminals gaining access to data and holding it until the victim pays a “ransom.” Having backups can help because you still have access to your data, but cybercriminals are now also threatening to release data to individuals, companies, or the public.
Given the high degree of damage this action could do to a company, employees returning to the office should be aware of this new development and be extra cautious.
- Tailgating. Cybercriminals take advantage of people’s natural inclination to be friendly and helpful. One way they do it is to pose as a visitor, maintenance worker, UPS driver, etc., and follow employees into their workplace. Once in, they access and sometimes steal confidential information in paper or electronic form.
Employees are more susceptible to this trick post-pandemic when rules about entry might have changed.
- USB baiting. Another example of cybercriminals taking advantage of people’s natural friendliness is when they leave a USB stick in an open location, knowing that the person who picks it up is likely to plug it into their own computer to see if it has information about the owner, so they can return it to them. But the real purpose of these devices is to infect any computer they’re plugged into and, in turn, the entire network.
Employees returning to the office may be distracted by other things and not think to hand the USB stick over to IT.
Remote Work Attracts Hacks
Some of the threats listed in the previous section can be a problem for employees whether they’re coming back to the office or remaining at home. Other challenges are specific to WFH arrangements:
- Cloud attacks. The pandemic created the need for more employees to work remotely, which meant the implementation of more cloud services for greater access. This approach increases convenience and productivity but can also serve as an entry point for attacks. Cloud malware attacks include hypervisor denial of service (DoS), distributed denial of service (DDoS), hypercall, hyperjacking, and exploiting live migration.
- Router hacks. If a home router lacks strong security, cybercriminals can use it to launch a botnet attack, including DDoS, click fraud, data theft, or account takeover. The problem occurs when a WFH employee fails to update their hardware or create a strong enough password. IT teams should step in to ensure each WFH employee has a secure arrangement.
- Personal devices. In a practice known as BYOB — bring your own device — employees may be using their own equipment, such as a laptop or mobile phone, to perform company work. The problem comes in when these devices aren’t properly secured. Again, IT departments must develop policies for these situations, especially when workers and their devices are less accessible when working from home.
- Public Wi-Fi. Some WFH employees may not technically be working from home. As more locations, such as coffee shops, begin to open up, workers may want to get out of the house and spend a few hours per week in those places. However, hackers can set up fake public Wi-Fi channels and steal data being sent by anyone who connects to them.
Steps to Take Now
The number of cyber threats that could potentially harm your company can be daunting. Fortunately, there are many ways you can approach staying safe, including the following:
- Ongoing employee training that helps workers identify and mitigate multiple types of threats
- Integrated security that takes into consideration all attack vectors, including onsite networks and WFH devices
- Zero Trust security model, including robust policies for outgoing employees
Finally, no matter how careful you and your employees are, there is always the possibility that an attack will occur. So, take the time to make a plan for what you would do in the worst-case scenario.