If an organisation’s network were a castle, attacks related to the current global health emergency would be a formidable set of opponents. Hackers circle the castle walls, searching for the smallest vulnerability; spies on the inside may unexpectedly reveal themselves; and exhausted or unwitting employees could inadvertently make unwise decisions.
In this hostile environment, what can organisations do to stay well-protected?
Leading information security vendor CyberArk shares information about the threats that organisations face during the pandemic, and how they can shore up their defences.
As employees face disruptions to their work routines, heightened stress levels could cause them to be less mindful of cybersecurity. Huang Shaofei, President of Singapore Computer Society Cybersecurity Chapter, warned of cyber fatigue in a recent GovInsider Live Studios interview. This phenomenon takes place when employees become tired of keeping up with complicated passwords and the latest patches.
Employees may neglect existing security best practices when working from home. For instance, they may find secure file transfer methods far too slow using home Wi-Fi networks, and turn to less protected services instead.
Such activities could make it easier for malware to enter employees’ devices. Hackers can then enter the organisation’s system from these gaps, and move across workstations in search of critical data to exploit.
The bleak global economic outlook is also forcing many organisations to downsize their workforce. As people lose their livelihoods, resentful employees may steal intellectual property for financial gain or to compromise employers’ reputation, a Deloitte article suggests.
When security teams themselves are disrupted, they may be less able to defend against cyber attacks. Amidst the shift to remote work, security teams may be short-staffed or diverted to support other activities, rendering them less able to identify and address potential threats.
Remote work means that employees are less likely to informally check in with each other about suspicious phishing emails. As early as January, cybercrime operation Emotet has been using coronavirus-related email content to fool users into downloading malicious files.
Many organisations rely on enterprise virtual private network (VPN) systems to secure their internal systems as they work remotely. Faced with the sheer volume of work that is moving online, security teams can become more liable to error, creating openings for hackers to enter into the system.
As organisations become more reliant on online services, remote access systems are becoming a prime target for Denial of Service (DoS) attacks. These overwhelm networks so they crash and become inaccessible to users.
In the first quarter of 2020, Distributed DoS attacks (in which multiple systems attack the same target simultaneously) have risen more than 500 per cent compared to the fourth quarter of 2019, Nexusguard reported. While these attacks typically do not result in information theft or loss, organisations often have to spend large amounts of money and time to restore services.
How can companies address these?
Firstly, organisations have to make sure security systems do not have any glaring holes. Security teams should ensure that VPN services are reliable and secure. They should also single out the services that are crucial in managing cyber risk, such as security monitoring and identity management, and ensure that sufficient manpower and funding is set aside to ensure that these systems are always operational.
A key way to protect networks is to decrease the area that is vulnerable to attack. Organisations need to ensure that staff have access only to the information and applications that are essential for them to use in their work, solely when they need it. These permissions should be revoked immediately when an employee’s period of employment ends.
CyberArk’s Core Privileged Access Security Solution allows users to gain access to critical systems for a pre-determined time period, minimising the need for security teams to manage lower priority credentials. It can also detect attempts to bypass privileged controls in real time and alert administrators immediately. Such measures help understaffed security teams to consolidate their efforts.
Second, companies should ease employees’ transition into secure remote work. Organisational training providers can design a short training module to teach employees remote work best practices and briefly explain the potential cyber threats they may face, a PwC guide recommends. Organisations should clearly establish a single source of authority that employees could look to for Covid-19 advice within the firm, so that individuals are less likely to engage with potentially malicious content.
CyberArk’s security system can also connect to critical systems via a secure proxy, ensuring that privileged credentials are not revealed to end-users or their devices. This limits hackers’ ability to enter critical systems when individual employees’ devices are compromised.
As Covid-19 changes the nature of the workplace, organisations have to stay prepared. Investing in a robust cybersecurity framework and educating employees can help them to remain secure despite mounting cyber threats. Click here to find out more on how CyberArk addresses the new risk landscape and secure workstations and remote access.