SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
New data reveals correlation between cyber attacks and work from home initiatives
Tue, 25th Aug 2020
FYI, this story is more than a year old

A new report has highlighted that there are massive gaps in cybersecurity with more employees working at home. In fact, at present 20% of organisations have experienced a breach as a result of remote work.

This is according to the Malwarebytes report, Enduring from Home: COVID-19's Impact on Business Security, which combines Malwarebyte's telemetry with survey results from 200 IT and cybersecurity decision makers from small businesses to large enterprises.

The data showed that since organisations moved to a work from home model, the potential for cyberattacks and breaches has increased.

Since the start of the pandemic, 20% of respondents said they faced a security breach as a result of a remote worker. This in turn led to higher costs, with 24% of respondents saying they paid unexpected expenses to address a cybersecurity breach or malware attack following shelter-in-place orders.

In addition, 28% of respondents admitted they're using personal devices for work-related activities more than their work-issued devices, which could create new opportunities for cyberattacks, Malwarebytes states.

This figure becomes more problematic considering that 61% of respondents' organisations did not urge employees to use antivirus solutions on their personal devices.

On the threat landscape, Malwarebytes observed that cybercriminals have adapted to take advantage of improperly secured corporate VPNs, cloud-based services, and business email, all which could be used for infiltration of corporate assets.

There has also been a surge in phishing emails that use COVID-19 as a hook to cover up malicious activity. These emails contain commercial malware, such as AveMaria and NetWiredRC, which allow for remote desktop access, webcam control, password theft and more.

Malwarebytes data showed that AveMaria saw an increase of 1,219% from January to April 2020, significantly up from 2019.

According to Malwarebytes telemetry, AveMaria mostly targeted large enterprise businesses. Similarly, NetWiredRC observed a 99% increase in detections from January to June, primarily targeting small and medium sized organisations.

Despite this, companies appear to have a high level of confidence about the transition to working from home, with roughly three quarters (73.2%) of those surveyed giving their organisations a score of 7 or above on preparedness for the transition to working from home.

A majority of companies with less than 700 employees (84.1%) moved more than half of their workforce, but not all (61–80%). On the other hand, companies with at least 700 employees opted to move almost all their workforce home (81–100%).

In the wake of this shift, 45% of respondents' organisations did not perform security and online privacy analyses of software tools deemed necessary for working from home collaboration.

In addition, while 61% of respondents' organisations provided work-issued devices to employees as needed, 65% of respondents' organisations did not deploy a new antivirus solution for those same devices.

Malwarebytes Labs director Adam Kujawa says, “Threat actors are adapting quickly as the landscape shifts to find new ways to capitalise on the remote workforce.

“We saw a substantial increase in the use of cloud and collaboration tools, paired with concerns about the security of these tools.

"This tells us that we need to closely evaluate cybersecurity in relation to these tools, as well as the vulnerabilities of working in dispersed environments, in order to mitigate threats more effectively.

Malwarebytes CEO and co-founder Marcin Kleczynski says, “Our fundamental shift to working remotely has dramatically underscored the need for comprehensive security, as well as IT guidance and training to avoid breaches.

"Many organisations failed to understand the gaps in their cybersecurity plans when transitioning to a remote workforce, experiencing a breach as a result.

“The use of more, often unauthorised, devices has exposed the critical need for not just a complete, layered security stack, but new policies to address work from home environments. Businesses have never been more at risk and hackers are taking notice.