Remote work is now a standard option for most professionals, but the rising popularity of work from anywhere has driven a corresponding rise in cybersecurity incidents.
Remote work during the COVID-19 pandemic drove a 238% increase in cyber attacks, according to a March 2022 report by Alliance Virtual Offices, which provides services to the remote workforce. And Gartner’s “7 top trends in cybersecurity for 2022” called the expansion of the attack surface that came with remote work and the increasing use of public cloud a major area of cybersecurity concern. Trends such as these have made security improvements for remote employees and risk-based vulnerability management the “most urgent projects” in 2022 for 78% of CISOs surveyed by security software provider Lumu Technologies.
A remote work environment can raise the risk of a data breach or other cyber attack for several reasons, according to multiple security experts. Remote work, particularly remote work at scale, significantly increases the potential attack surface that must be protected.
Gartner reported that 60% of knowledge workers are remote and at least 18% won’t return to the office. “These changes in the way we work, together with greater use of public cloud, highly connected supply chains and use of cyber-physical systems,” Gartner warned, “have exposed new and challenging attack ‘surfaces.'”
Remote workers sometimes further expand the attack surface — and increase risk — by introducing unsanctioned technology. “There has been a growth of shadow IT, as people working from home were buying [technology] that may not be sanctioned by IT, but they needed to get their job done,” said Sushila Nair, vice president of security services at NTT Data Services and member of the Emerging Trends Working Group at professional IT governance association ISACA. And, because the technology may go undetected by IT, she added, shadow IT often lacks the security scrutiny and protection it requires.
Remote work not only expanded the potential attack surface, but also moved it outside conventional perimeter defenses, such as firewalls and intrusion detection systems, that organizations traditionally built to thwart ransomware attacks, data breaches and other types of cybercrimes.
“Those had been protecting the castle, but now, people aren’t working inside the castle,” said Ed Skoudis, president of SANS Technology Institute. “They’re out in the field, so those defenses don’t protect them there. We’ve been saying for years that the network perimeters we built were dissolving because of things like wireless and cloud, but then, COVID came and blew it all up.”
Moreover, cybercriminals are seizing on the shift to remote work environments by exploiting vulnerabilities in the infrastructure that enables remote work and tweaking how they target the workers themselves. “Attackers have noticed,” Skoudis added. “They’re really focused on attacking home workers because they are no longer protected in these enclaves that organizations spent the last 30 years building.”
Cybersecurity risks associated with remote work are many and varied, including expanded attack surfaces, security skills shortages, vulnerable networks, cloud-based infrastructures and employee work habits.
With more employees working remotely, organizations simply have more endpoints, networking and software to secure, all of which greatly increase the workload for security departments that are often stretched thin.
Staffing challenges at some organizations can create delays in adequately securing remote workers. In its “2022 Cybersecurity Skills Gap Global Research Report,” network security provider Fortinet revealed that 60% of the 1,223 IT and cybersecurity leaders surveyed said they struggle to recruit cybersecurity talent and 52% struggle to retain qualified workers, while 67% acknowledged that the shortage of qualified cybersecurity candidates presents greater risks to their organizations.
“Workers don’t have cybersecurity teams watching over what’s happening on the home network,” Skoudis said. By its very nature, remote work moves some of the system access, network traffic and data outside the conventional perimeters of the enterprise technology environment and the security monitoring within that environment. Companies generally can’t extend monitoring out to all the endpoints and along all the networks now supporting remote work environments, Skoudis explained.
Workers for various reasons may be downloading sensitive information to their local devices, which may or may not be encrypted, said Scott Reynolds, senior director of enterprise cybersecurity at ISACA. For the sake of efficiency, they may also share sensitive company data over unsecured channels, such as unencrypted email or files, without realizing the risks involved.
Phishing “continues to be a persistent, pervasive threat,” Reynolds said, “and all it takes is for one person to click something they shouldn’t for something to get through.” The risk is heightened remotely since workers have a greater dependence on email and become less suspicious of a well-engineered phishing email attack disguised as a legitimate business request.
The sudden shift to remote work at the start of the pandemic meant many workers used their personal devices to do their jobs, regardless of whether they had the skill to ensure their home routers, laptops and smartphones were properly updated and adequately secured, said Glenn Nick, associate director for cybersecurity incident response at advisory services provider Guidehouse.
Remote work also increases the chance that employees will use unsecured networks, such as public Wi-Fi. Even home networks are often vulnerable to attacks. “People are placed at home working in an environment that they don’t have the technical expertise to secure,” Nick explained. “They may be told to update their routers or use VPNs but may not have the technical expertise to do so. And, at the same time, you have nation-states attacking home routers and home network devices.” So significant is the threat that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) highlighted the risk in a June 2022 alert.
CISA also noted that hackers are targeting a broad range of networks, including vulnerabilities in the enterprise networking equipment used to enable remote work.
Companies need to be aware of the technologies that enable remote work. “There is a tremendous amount of vulnerabilities being found in remote work support solutions,” Skoudis warned.
The cloud is an essential technology for remote work, yet it also comes with risks. One such risk lies in misconfigurations, particularly relating to access. Organizations can inadvertently grant users too much access or fail to implement access controls. According to the “2022 Cloud Security Report” by network security software provider Check Point Software Technologies, more than one-fourth of information security professionals surveyed said their organizations experienced a security incident in the public cloud infrastructure within the past year, and security misconfigurations were the leading cause.
Enterprises increased their use of video conferencing and other online collaboration platforms and so did hackers. Cybercriminals can sabotage or disrupt online conferences or prowl around undetected to obtain information, such as proprietary data or corporate emails, which they can use to their advantage, Skoudis said.
Hackers are becoming increasingly more sophisticated to capitalize on the corporate shift to remote work environments. “[D]espite defenders’ best efforts,” read the “2022 Social Engineering Report” by security software provider Proofpoint, “cybercriminals continue to be successful at exploiting the human element to recognize financial gain.”
Proofpoint’s assessment reflects the longstanding acknowledgement that nothing is 100% secure. But companies that follow security best practices can drastically reduce their chance of suffering a costly and sometimes devastating cyber attack:
Cybersecurity budget breakdown and best practices
Top in-demand cybersecurity jobs
Benefits of outsourcing your cybersecurity operations
Steps in DNS server troubleshooting include checking the DNS status, looking at zone configurations and evaluating logs. Follow …
‘Emerging Green Technologies’ details how technology is a flexible tool organizations can use to make business operations more …
In this Q&A, ‘Emerging Green Technologies’ author Matthew N. O. Sadiku discusses the importance of going green and how to make …
The Inflation Reduction Act increases incentives for clean energy, but there is concern that it doesn’t address existing …
The ADPPA passed the U.S. House Committee on Energy and Commerce in July, making it farther than other recently introduced data …
The end of Amazon Care and acquisition of One Medical means Amazon is turning from employee health to direct to consumer.
Businesses have delayed and reduced their desktop and laptop orders from HP and Dell, executives reported. The PC market has …
The shift to Chromium has improved several aspects of Microsoft’s Edge browser — from privacy settings to reliability.
Whether organizations automate their log monitoring within Windows desktops or inspect them manually, logs can offer IT …
VMware plans to change products, strategic direction and marketing to keep up with customers rushing to deploy multi-cloud …
IBM and VMware expanded their long-held partnership with a deal to provide hybrid cloud services and consulting to IT pros in …
Updates to VMware’s flagship vSphere and vSAN software keep pace with enterprise interest in hybrid cloud infrastructure for …
Paul Simos, VMware’s managing director and vice-president for Southeast Asia and Korea, dives deeper into the company’s cloud …
Covid-19 pushes the use of contactless payments for face-to-face transactions to 90% of total
From the cloud comes our water supply – an essential building block and life support system increasingly underpinned by IT …
All Rights Reserved, Copyright 2000 – 2022, TechTarget