Most UK Remote Workers Haven't Had Cybersecurity Training in Past Year

April 27, 2020

The COVID-19 pandemic has brought a fresh wave of cyberattacks targeting remote workers, but a lack of training has resulted in the majority not taking threats seriously.

A study of remote workers by app security company Promon found that 66 percent of remote workers haven’t been given any form of cybersecurity training in the past 12 months, with 77 percent saying they aren’t worried about their cybersecurity while working from home.

Promon’s research into the attitudes towards cybersecurity comes after Ursula von der Leyen, president of the European Commission, warned on March 24 that cybercrime in the EU has increased due to the coronavirus outbreak. As the pandemic has forced many more people to work from home, attackers are capitalizing on the increased amount of time spent online by carrying out targeted COVID-19-related phishing campaigns which can result in the victim downloading ransomware (malware that encrypts files until a ransom is paid), or attackers gaining access to a victim’s computer.

Examples of such campaigns include a bogus email from HMRC containing a ‘new tax refund program set up by the Government, which, when clicked, directs to a fake webpage which harvests financial and tax information. Another example is a fake email claiming to be from the World Health Organisation, containing an attachment on new coronavirus safety measures. When opened a keylogger is downloaded, which then tracks and records every key that’s pressed on the user’s keyboard, enabling the attackers to secure passwords and other sensitive login information.

The survey also found that 61% of respondents are using personal devices when working remotely, adding an extra layer of concern as many of these are likely to be less secure than corporate-issued ones. Cybercriminals are taking advantage of decreased levels of security on personal devices connected to corporate networks, with successful attacks ringing alarm bells for employers whose sensitive corporate data is now at risk, along with individuals’ personal data, including banking information and login details.

Promon CTO and co-founder Tom Lysemose Hansen said: “It’s concerning to find that such a large number of workers don’t have the necessary training to spot a potential cyber threat, such as a phishing email or spoofed website, as these are the main ways in which cybercriminals are executing their attacks. Organisations must ensure that staff who are working remotely are doing so in secure environments, whether that’s on personal or corporate devices, and it’s critical that they provide the necessary training and tools to ensure corporate data is protected.”

You must login or register in order to post a comment.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

ON DEMAND: There's a lot at stake when it comes to cybersecurity. Reputation, productivity, quality. Join us to discuss the future of your global security strategy and a path forward with trusted partners Cisco and Rockwell Automation, and turn your Food & Bev security challenges into strategic advantages that drive business value.

Most UK Remote Workers Haven't Had Cybersecurity Training in Past Year

The latest news and information

Content written for business-minded executives who manage enterprise risk and security

Most UK Remote Workers Haven't Had Cybersecurity Training in Past Year

Related Articles

Report Abusive Comment

The latest news and information

Content written for business-minded executives who manage enterprise risk and security