Crime

Remote risk: Work from Home = Advanced Persistent Threats

It does not matter how well you have brushed up on your security acronyms, if you have not brushed up on your remote working security systems, then you are in trouble. The speed at which the world has had to move online, digitally transforming traditional workforces and approaches, has left many companies vulnerable. The risk lies, not in the shift from office to home working, but in unexpected gaps in security and process. According to Karien Bornheim, CEO of Footprint Africa Business Solutions (FABS), it is these holes that can seriously impact the organisation during the pandemic.

“You are likely suffering from pandemic fatigue and don’t want to hear about another problem, risk or challenge,” she adds. “Every news item, every article, ever radio interview is covering the impact of the corona virus on people, places, and productivity. It is overwhelming. But the reality is that if you are managing a business that has moved into the home, there are substantial risks attached to that reality and you need to be prepared. The work from home (WFH) phenomenon does equal an increase in advanced persistent threats (APTs).”

Cybercriminals have been quick to take advantage of the remote working situation. There has been a virtual explosion in extremely intelligent phishing emails that have been tailored to scare people into clicking on dodgy links to smart malware intrusions that walk straight through the corporate door thanks to poor passwords and even worse home security systems. People are busy learning how to use new systems and are juggling multiple logins, technical tools, and platforms, so it is easy for them to click on the wrong email and open the company to attack.

“The cybercriminals are taking advantage of the fact that people are busy and overwhelmed,” says Bornheim. “They are trying to get into a specific account to manage their workflows while figuring out how to log into a particular conferencing system while handling a massive influx of emails and meeting requests. When you are managing a ton of new passwords and logins and you get an email warning you that you are about to lose funds or that your office login is about to expire, you will very likely click on it, even more so when it is an email about the latest do’s and don’ts regarding the virus.”

Cybercriminals use the fear factor to get people to make mistakes. Phishing emails are increasingly smart now – they are not necessarily badly written and easily identifiable anymore, they are targeted and designed to scare people into filling in their passwords or providing their personal information. Using well-known brand names, fake websites, and believable messaging, the cybercriminals gain access to corporate passwords and information. It happens in only a moment, but the damage is long-lasting and expensive.

“Once the company has been hacked or infected with malware, such as ransomware, it becomes very costly to remove it,” says Bornheim. “There are ways of mitigating the damage, but if your backups are kept online, there is a high chance that they are also infected, and you may lose your data. Hackers have become incredibly smart – they don’t immediately activate ransomware the moment it penetrates the system, they wait until it has been embedded into the backups and then they activate it.”

This makes user education one of the most critical first steps for any remote working organisation. It is the same education that would be provided to employees when it comes to their security hygiene in the office, but it expands to include home devices, networks, and security measures. Ensure that employees are not downloading a myriad of applications to their desktops and into the corporate network, provide them with insight into how phishing and ransomware work, give them high-end secure passwords and show them how their security efforts protect both their interests and those of the organisation.

“Implement a company VPN for all employees as this provides a secure channel of communication and collaboration for the business,” says Bornheim. “Create regularly updated lists of new threats and vulnerabilities and ensure that your employees understand the risks and how they can avoid them. And, of course, implement robust and agile security systems that are capable of handling the remote working environment.”

From the secure VPN to end-point security software to rigorous device management processes, the organisation has the tools it needs to protect its people and its assets. Do not allow employees to get away with poor passwords and just in case there is that one person who just cannot get past using ‘12345’ as their password, make multi-factor authentication mandatory. These measures can be further enhanced through security system monitoring tools that are designed to recognise unusual behaviour patterns and that can identify potential areas of risk.

“These systems will identify strange patterns in login behaviour almost immediately and can be critical when it comes to preventing a hack or stopping one in its tracks,” concludes Bornheim. “With all these measures in place your remote workforce will be empowered and protected, and your business will be in a strong position to deal with the cyber threat. These measures are not just for the pandemic either, they will stand your organisation in great security stead when people return to the office. If they return to the office…”

Pin It on Pinterest