Friday, October 9th, 2020
Improving cybersecurity for the workforce of the future
Many organisations continue to have employees working from home, but have they strengthened their cybersecurity efforts to better equip and protect their employees and their valuable data?
Cybercriminals have shown us that they thrive when disaster hits, which provides them with opportunities to target individuals researching information on the internet. Users are now already 3 times more likely to click on pandemic related phishing scams and billions of COVID-19 pages can be found on the internet currently. The sudden shift to remote working due to COVID-19 increased the number of cyber attacks by 667% and has also identified many holes in organisations’ security systems. It has, of course, also led to a large distracted workforce that is vulnerable to social engineering. Other WFH habits like password reuse and letting family members access corporate devices are putting critical business systems and sensitive data at risk.
The rapid digital transformation that the pandemic has forced upon us has seen us rely almost totally on the internet, ecommerce and digital communications to do everything from shopping to working and learning. It has brought into focus the threats we all face and the importance of cybersecurity skills at every level of society. With 92% of malware delivered by email (CSO Online) – it has never been as important for employees/ the general public to be informed.
Since shifting to a WFH model:
The massive shift overnight to remote working put organisations at risk. Many businesses have since established a culture of robust cyber hygiene, by providing employees with the necessary resources for managing access and monitoring activity on critical assets safely. This has been critical for businesses as remote access systems were never built to carry such a level of secure data. And the modern WFH model is only going to grow in the future with 72% of talent professionals agreeing that work flexibility (which includes remote work options) will be very important for the future of HR and recruiting. (LinkedIn)
Since April of this year, cybersecurity has no longer been part of the IT function; it has become part of a strategic approach driven from the top and carried out by all employees. Learnings from the initial phases of remote work have already shaped future cybersecurity strategies, prompting another look at the security of processes and architectures.
Cybersecurity leaders should now prioritise the execution of critical projects as well as automation to improve the security of remote users, devices and data. This shift will more than likely occur under tightened budgets and scarce resources, changing risk management as well as driving innovation.
Ransomware and Remote Working
If Twitter can be breached, then every company must be vigilant.
As businesses pivot their strategies to survive the economic downturn, the cost of a ransomware attack—which can be upwards of hundreds of thousands of dollars—can deal a severe blow to their bottom line. While ransomware is not a new cyber-threat, the recent disruption has caused a huge spike in ransomware attacks. Ransomware and disaster recovery should continue to be top priorities for businesses planning for the ‘new normal’ as we come out of this pandemic. Those who are seeking the best approach for protecting against a ransomware attack should strongly consider a cloud disaster recovery technology that combines the functionality of primary storage, backup and recovery into a single-pane solution that enables speedy and easy recovery of data from the point of attack.
Large US hospital chain recently hit by Ryuk ransomware attacks
US-based healtchare giant Universal Health Services (UHS) suffered a cyberattack in late September, which resulted in the IT network across its facilities to be shut down. The encrypted files sent to UHS sported the .ryk extension. Some ransomware operators have previously stated that they would refrain from hitting healthcare organizations. Despite that, the number of attacks targeting medical institutions continues to rise.
This Ryuk ransomware has been one of the most prolific families of ransomware over the past few months, with the number of Ryuk attacks rising to around 20 a week. Each Ryuk attack is meticiously planned to inflict the most damage and disruption. Ransomware preys on organisations that can’t afford to have their networks taken down by an attack – which is likely the reason why researchers point to a two-fold increase in the number of ransomware attacks against healthcare organisations over the past few months.
Ryuk ransomware mainly targets business giants and government agencies that can pay huge ransoms in return. It recently targeted a US-based Fortune 500 company, EMCOR and took down some of its IT systems.
Tycoon is a recently discovered ransomware strain that is written in Java. This malware has been targeting several organizations in the education and software industries, including SMBs. This malware is considered as an unusual one as it is deployed in a trojanized version of Java Runtime Environment. It is compiled in ImageJ, a Java image format, for malicious purposes.
It has been discovered targeting Windows and Linux using the Java image format as part of the attack process. The Tycoon has been aggressively targeting since the last six months of its discovery but the number of victims seems to be less for now.
Reportedly, this ransomware uses different types of techniques that help it to stay hidden. Tycoon denies access to the administrator after it infects the system, following an attack on the file servers and domain controller. It takes advantage of weak or compromised passwords and is a common attack vector that exploits servers for malware.
Building and sustaining cybersecurity for the future:
Cybersecurity threats are growing every day and COVID-19 has shown us just how critical cybersecurity is to the successful operation of our respective economies and our individual lifestyles.
The aim of organisations will be to achieve and sustain a level of cybersecurity culture within their organisation, and organisations have a duty to keep employees informed and are upkeeping cybersecurity standards and keeping company assets safe.
Despite receiving confidential business data to their remote location regularly, less than half of remote employees say they receive proper internet security training. (GetApp) Upskilling of workers will be key in the future. Your employees are and will continue to be exposed to sophisticated social engineering attacks. This can be avoided with smart security training to cover methods of detecting these attacks and reducing the risk of this happening to your organisation.
Organisations must also strengthen their home network to stay ahead of competition. It’s a good idea to start with a strong encryption password as well as a virtual private networks.
What’s next for remote working?
Hybrid models are bound to be introduced by many organisations – these models would see most employees split their time between working from home, office and on-site. This of course brings new challenges for employees and organisations. We see many technology-driven innovations like hoteling, identity an aware network and virtual offshore development centers will also find their place in the workplace of the future.
The biggest cyber-risk with this shift will be data security risk. Access restriction, multi factor approval processes for any information sharing and limiting access to sensitive information to certain working hours will be enforced. So as for preparing the workforce of the future – organisations need to focus on building cyber and data secure cultures.
Furthermore to this, the evolving IoT landscape will overtake the traditional network we use today, further exposing privacy and cybersecurity challenges. As work and our relationship to it continue to be redefined, humans will remain central to evolving cyber threats, technology and disruption.
By the end of 2020, security services are expected to account for 50% of cybersecurity budgets. (Gartner).
Prevention will always be the number one. To take a cybersecurity prevention approach, organisations need to start by instilling a culture in which security is everyone’s responsibility. This includes implementing training programs to educate employees about potential threats and ways to avoid putting the organisation at risk. Furthermore, businesses should also implement cybersecurity tools and technologies that identify threats and prevent them from becoming a reality.