Chapô: the resurgence of cyberattacks, which result from the effects of Covid-19 on the organization of work, threaten the home networks of companies and users. However, each threat has its own opportunities.
Zoom, Marriott, AP-HP, WHO… As we can see, the current health crisis has been combined with
an increase in computer hacks. But big companies weren’t the only ones
impacted. A veritable catalyst for cybercrime, the massive and forced use of telework has strained IT / Security departments already at all levels. So, with the drastic increase in the number of people working remotely, what threats have been observed to network and data security? And above all, how to remedy it?
Massive telework and IT security: a fine balance
The need to quickly connect large numbers of individuals from their homes and the need to not compromise their cybersecurity is a delicate balancing act. Especially since some of the users do not have remote work systems secure enough to support 100% of work at home. In the rush to roll out telework massively, companies therefore had to be careful not to expose critical systems without proper security controls, relying on internal security teams, suppliers or third-party experts. A security incident that sees hackers break into corporate systems through misconfiguration can therefore be more costly than a brief hiatus during which more secure systems can be put in place. square.
Once a secure remote connectivity solution has been implemented, THE key threat to networks remains availability. Systems then have to deal with more traffic from homeworkers, as well as distributed denial of service (DDoS) attacks by a malicious party. Combined, these threats can have a greater business impact if they make remote connections impossible.
This is why some remote working strategies rely more on the use of non-corporate assets, such as home computers that connect to virtual desktop solutions (VDI) or the cloud. While this is often a good intuition, it is still a good idea to maintain control over corporate data through a combination of technical and non-technical controls. For example, the use of technical controls to block the transfer of data between unreliable home computers and virtual offices, coupled with the conclusion of legal agreements with cloud service providers can clarify the ownership and use of data. of the company.
Once massive teleworking has been implemented by companies, cyber threats come in various forms. Among them is an old enemy that can contaminate an entire given network: phishing.
When phishing feeds on fear of Covid-19
Cybercriminals are seeing the psychosis surrounding the current global pandemic fueling the threat of phishing, which already worries businesses and their users in normal times.
Thus, this period saw a significant increase in scams, scammers exploiting and deceiving their victims so that they reveal sensitive information, make donations to fraudulent charities or install software that encrypts files and demand ransoms. Other scams include phishing emails and hooked phone calls pretending to be the World Health Organization, government officials and legitimate businesses.
As a topical example, many phishing and SMiShing emails
(phishing via SMS) have been designed to resemble those of national health authorities (from the United States Center for Disease Control (CDC), WHO or the British NHS) and contain medical advice related to coronavirus. Other emails on workplace policy encouraging users to “download a new coronavirus policy” or “security measures for coronaviruses” have also been identified.
The risk of phishing seems isolated, but it is only the tree that hides the forest. Opening a corrupted email can expose other cyber threats to the home network. In other words, a single flaw can give a hacker several means of infiltration into a given system, and cause a domino effect infecting the entire network of a company if the problem is not controlled in time. Hence the absolute need to keep control of the security of your network, which in fact reduces the risk of an exogenous IT incident.
Securing a business network in 4 steps
Prevention is better than cure. The urgency caused by the current pandemic must therefore serve as a lesson given to public and private actors, in order to secure their entire IT structure, the network in particular. Companies must therefore take the time to think about the implications of teleworking, following four essential steps.
- First, IT teams must work in unison with security teams as soon as possible, so that security is built into all plans and designs.
- Then, where possible, use the proven and integrated telecommuting capabilities and security features of their existing platforms. For example, Office 365 has many preconfigured functions, no need to tinker with something custom-made quickly.
- Then it’s also important to have a clear communication plan, and to keep users fully informed about how they can work safely and ask for help remotely.
- Finally, suppliers should be approached, as many of them offer extensive assistance and advice during these troubled times. Some even offer free software that employees of a client company can use at home (for example, an antivirus).
The upsurge in cyber threats at all levels since the onset of the health crisis is certainly real, but it also offers the opportunity to make a colossal leap forward in IT security for businesses. At the heart of this security is the network, a marrow of work in the office or at home. Protecting your network is tantamount to perpetuating a work organization that will increasingly turn to remote work.