Interview: Aura GM on security implications for enterprise during and post-pandemic
FYI, this story is more than a year old
2020 may just be the year of the cyber attack.
Attack capabilities have been getting more sophisticated every year. The proliferation of data has made its theft a more lucrative exercise than directly stealing cash, and while the advancement of technology has bolstered efforts to combat cybercrime, emerging tech has also been used by the other side.
But the spread of COVID-19 has opened the floodgates even wider to cyber attacks, with the great shift into remote working exposing many to heightened security risks, and vulnerability to phishing campaigns has soared.
Techday spoke with Aura Information Security general manager Peter Bailey on what this new normal means for cybersecurity, and its potential lasting effect on organisations.
I’ve seen some really crude campaigns, trying to extort money out of people and just throwing in COVID-19 as another vector of information that they claim to have about the victim.
But some are more sophisticated, designed to look like they’re from the Ministry of Health or the World Health Organisation (WHO) to portray authority and build trust, with links to the latest stats, which will turn out to be malicious.
I think the best way for organisations to take care of this is by educating their staff.
This means making sure staff are aware that there are targeted COVID campaigns, what some of those emails look like, and the potential impact on the business.
Organisations also need to have up-to-date email filters and they need to be tracking activity on the network.
So if there’s some form of malware that's coming in, they need to be monitoring activity in the network enough that they’re going to notice that someone is in there doing something they shouldn't.
Organisations that aren’t used to having people work remotely need to ask some questions.
How secure are the links back into your organisation? Have you checked your configurations are secure in the way you set up your VPNs? Which staff get access to what information?
One issue we’re seeing is staff will often go around tools that are provided by IT teams and will download the tools that they’re familiar with.
A good example is Zoom, which we’ve seen may not be appropriate for business due to some shortcomings. Staff have found this tool that’s easy to use but is possibly not built for purpose.
Organisations need to ask ‘what are our policies for staff working from home? Are these clear, have they been communicated to staff? If they’re stuck, how do they get help?’
Staff may send confidential information via email that they ordinarily wouldn’t, because they can’t walk to a colleagues desk.
IT teams need to catch these risks before staff do things they shouldn’t.
If you’re using free versions of any tool, always think about why it’s free. As the popular saying goes, ‘if it’s free, then you are the product’.
If you're using a free bit of software, make sure you're looking at the terms and conditions and particularly with what those organisations are doing with your data. Because often they’re reusing that data and selling it on.
That’s certainly been the case with Zoom, in the past, they have passed information onto Facebook.
People need to look at the security measures that are in place for the software and research whether it has had a history of security issues, as Zoom has had in the past.
Do your homework on things like end-to-end encryption, what companies do with data, whether video conferencing tools record the calls that are passing through the system.
I don't know about cybersecurity in particular. It hasn't changed very much for us, we tend to work remotely a lot of the time and we tend to connect into our customers' networks remotely to review and test them.
I think the changes will more be about attitudes, with organisations realising that remote working works really well, and has a number of benefits for staff, for the environment, and for business bottom line.
From a security perspective, I hope that more organisations will begin asking ‘what does this mean for data access management? What are the privacy and security implications for us as a business?’
As a security company, we're going to be looking at cloud solutions and remote working solutions a lot more and making sure that those are secure in place for organisations.