Post-Covid Cybersecurity Considerations – What have we learnt and how will this affect the future.
The Covid-19 pandemic has meant that organisations have been exposed to a higher level of cyber risk, with technology being rolled out at speed to large numbers of remote workers; opportunist cybercriminals are taking full advantage.
One thing is certain, the cybersecurity threat landscape is constantly evolving, with new vulnerabilities surfacing daily and the threat of malicious attack on the rise – a statement that we are all too familiar with. Now add to that an unprecedented global pandemic, forcing organisations to run their entire operations remotely, with little preparation, this has amplified the threat landscape significantly. Having strong cybersecurity measures internally is one thing but replicating that for employees working from home for a long period of time has proven challenging on many levels. Throughout the COVID-19 pandemic we have seen many new security challenges arise as people worldwide have had to drastically change the way in which they work, communicate, share and socialise, expanding further avenues for potential cyber risk.
With the government restrictions now easing, many businesses are now opening or preparing to re-open their workplaces to their staff, many of whom have been working remotely for the past 3 months. As a result, we are seeing an influx of requests from clients to evaluate the cybersecurity challenges and help identify potential vulnerability risks faced by the return of multiple remote devices into the workplace. In addition to this, we are seeing that many organisations want to embrace this new digital adoption and to facilitate a change in business culture moving forwards, looking to us for advice on the measures and controls they need in place to support a secure remote working culture on a longer-term basis.
New ways of working – The security challenges
Statistics released by the UK’s Office for National Statistics showed that in April 2020, 49.2% of adults in employment were working from home, this figure has since dropped to 29% as of the end of June. With such a large proportion of the UK’s workforce adopting a remote working model within a matter of days, it became apparent that many businesses had to quickly adopt new ways of working but unfortunately they did not have time to fully consider the security implications. For the majority of businesses, especially SME’s, continuation of service and employee productivity was the immediate challenge, their priority was getting people working remotely as effectively and quickly as possible, with the security implications having to come secondary in peoples planning. With such a huge influx in people working from home, accessing corporate networks using virtual private networks (VPNs), in many cases in the absence of adequate safety measures, the attack surface rapidly increased for hackers.
With the rise of mobile networking and cloud over the past decade many businesses were already in the early stages of adopting a new framework to support and control a remote workforce, COVID however accelerated the need to securely enable a large, if not entire workforce, to work from home almost instantaneously, forcing businesses to rapidly advance their plans, with many having to spin up cloud services quickly, moving from their on-premise or hybrid environment to a full cloud platform in response.
Online collaboration tools
The COVID pandemic also fast-tracked the adoption of virtual collaboration and video conferencing tools for many businesses; whilst most organisations, certainly global organisations, were already widely using collaboration tools such as Microsoft Teams or Cisco Webex, many others had to implement a quick fix to meet this requirement, unfortunately the adoption of many of these tools had to be made without the time for suitable due diligence, or for potential security considerations to be made, opening many companies up to additional security risks.
With the boost in demand for these online collaboration tools, Zoom one of the platforms of choice for many during the pandemic, reported that meeting participants on the platform had surged from 10 million per day in December to 200 million per day in March, and 300 million daily meeting participants in April. Microsoft reported a similar surge in daily active usage of Team’s, their video conferencing and collaboration tool, increasing from 32 million daily active users in March to 75 million in April.
Lack of security policies
Security vulnerabilities in platforms such as Zoom have been widely reported over the past few months, with many stories of “Zoom-bombing” and data privacy breaches making the headlines, however it has become apparent that whilst there are known vulnerabilities with many of the platforms, the wider issue is that organisations are not applying the appropriate security policies for their virtual meetings.
Microsoft Teams for example, one of the more secure platforms, offering standard features such as authentication and file share controls, still needs to be configured, controlled and managed at a policy level, additionally, and equally as important, user training and risk awareness needs to be managed appropriately. What types of conversations are your users having online? Are they sharing sensitive or confidential information? Do they understand the risks involved? Video conferencing security policies need be compiled and communicated throughout the entire organisation so that all employees, from admin to senior management, are aware of the potential risks of sharing sensitive information.
Increase in personal online activity
Another risk to the corporate device in the past few months has been the increase in personal online activity, including social interaction. Whilst many organisations have recommended or implemented video conferencing tools for corporate usage, there has inevitably been a surge of activity on non-corporate applications such as House Party, Facebook messenger and other online video platforms. How many times have you been invited to join a family or friends online quiz, or asked to join a video call from a relative using an application that you would not usually access? Perhaps your children have been using your corporate device for some of their schoolwork or even gaming? Over the past few months corporate devices have being flooded with non-corporate usage that they would not usually see. Whilst some organisations might have the security measures and controls in place to block unauthorised internet or app usage on their devices, many do not, meaning unsecure sites and apps have been used and installed, opening vulnerabilities that can lead to malicious attack on the corporate network. Once access has been gained to a network, hackers can install malware that they activate at any time. How confident are you that your devices have not been compromised whilst on the home network? Once again, we need to consider the human element with these risks. Part of the problem is that when devices are fully locked down, users can become frustrated and whilst control measures need to be in place, they should not render the device unusable as it often forces users to work from their own devices instead of their corporate device, again posing additional security risks and creating further scope for cyber-attacks.
Hackers are opportunists, they will look to exploit security vulnerabilities in whichever way they can. With such an increase in opportunities throughout the COVID pandemic and with organisations being at their most vulnerable, cyber-criminals have been taking full advantage exploiting the known vulnerabilities in remote working tools and video conferencing software for their malicious activities and personal gain. There has also been a significant rise in both ransomware and phishing attempts to both personal and business users.
Drive your future cyber strategy with people and process
Looking to the future, it looks like the “new normal” will not be business as usual, with the shift in remote working culture that has been seen over the past few months, people that have never worked from home, have now realised the benefits and rise in productivity and will no-doubt want to continue to work from home in the future. Questions are being raised about whether this will change how businesses and people engage entirely, with an expectation that the new ways of working that have had to be embraced, appear to be here to stay.
Whilst the past few months have been a learning curve for all, IT professionals and security teams included, there is most certainly a need to now start to look to the future in order to fine-tune the technologies and policies needed to securely support a remote workforce longer term.
Whilst the risks are well understood by your IT team or security professionals, your users may not comprehend the risks inherent in the tools that you have deployed, or they have used as a workaround. Trusted platforms and security solutions help to control the risk, but they do not eradicate it altogether, to ensure that you maintain a secure remote workforce for now and for the future, you not only need to have the appropriate tools in place, you also need to ensure you raise awareness internally, educate users regularly on the issues that exist, train your workforce, guide and drive the cyber strategy with people and processes and build security into everything you do.
Our team is available to assist you with threat landscape analysis, security remediation, policy creation and user behavioural training. If you need assistance addressing the risk of the “new normal” or have concerns around bringing remote devices back onto the corporate network, contact us today.