The Security Vulnerabilities Emerging from the Coronavirus Pandemic
Among the many business implications of the coronavirus pandemic is an increase in security incidents. In a recent study by Barracuda Networks, 46 percent of respondents had experienced at least one security incident since lockdown restrictions were put in place, with 51 percent recording an increase in the number of email phishing attacks. A quick Google News search returns countless examples of the latter, with Netflix, Microsoft, the CDC and the WHO among the organizations impersonated by hackers in coronavirus-related phishing campaigns.
Troubling as these incidents are, the pandemic has exposed deeper, more significant cracks in enterprise security. As companies plan for a phased return to normal operations, it’s imperative that they are aware of these vulnerabilities and make addressing them a central part of their coronavirus response.
Following are a few key risks the current working climate has brought to light.
1. IT Infrastructure is not Prepared for Widespread Remote Working
In recent years, remote working has become increasingly popular with many employees “WFH’ing” one or two days per week. That situation is vastly different from today, however, when sixty-two percent of employed Americans are working from home due to the pandemic. It’s clear that IT infrastructure was not adequately prepared for this significant increase.
There are numerous security implications as a result. For example, companies using Windows Active Directory Server may not have had VPNs set up for all people now working remotely. This, in turn, would prevent the employees’ computers from connecting directly to a domain controller, meaning that periodic password resets could not be completed. This can lead to network trust and secure channel issues, both of which cause additional IT headaches and impede productivity. As organizations struggle to manage this and other challenges related to supporting a newly remote workforce, it’s incredibly common for speed to take precedence over best practice, increasing the likelihood of vulnerabilities arising from human error, as well as issues with compliance and performance.
So, what’s the takeaway for organizations? Digital transformation initiatives and disruptive technologies like AI and 5G deserve their place on the corporate agenda, but not at the cost of security. Whether it’s investing in a new IT project or revising business continuity planning with lessons learned from the pandemic, it’s critical that companies explore any security implications thoroughly before rolling out the change.
2. New Risks Arise from Band-aid Approaches to Remote Working
Fifty-one percent of the respondents in the Barracuda survey believe their workforce was not properly educated about the security risks of remote working prior to the pandemic. This situation is further complicated for employees working remotely along with roommates, spouses or children also conducting more activities online. If everyone is utilizing the same network, there is an increased risk of malware being inadvertently installed.
In addition, many IT organizations are permitting employees to use personal devices, email accounts and cloud storage to avoid business disruption. While the approach is understandable, the security threat is equally apparent. BYOD means that employees are bypassing the policies and procedures required to protect corporate assets, making it significantly easier for hackers to access this information.
When planning for the post-coronavirus recovery, companies must implement robust remote working policies that mandate the creation and use of a separate Wi-Fi network exclusively for business use, among other security best practices. Determining how to ensure business continuity without allowing BYOD threats to increase will vary based on the individual organization, but this is a critical step to shoring up security.
3. It’s Difficult to Detect Anomalies in Unprecedented Times—for Humans and Machines Alike
A central tenet of modern security relies on discerning normal from abnormal, and many companies use machine learning and bot detection to identify and address system anomalies. This approach works well when it’s business as usual but, when the circumstances are radically different, it’s much less effective. As a result, organizations are dependent on other security measures or forced to step up manual threat detection efforts. For companies already struggling with the IT challenges outlined above, this is a burdensome requirement that can easily lead to security holes.
In a similar vein, hackers are relying on the fear, confusion and stress surrounding the pandemic, banking on the fact that people will be more likely to fall for social engineering campaigns as a result. For example, an email from a colleague asking to borrow a password would raise a red flag in normal times. Given our current circumstances, however, it’s easy to see how an employee could be tricked into answering the query.
Determining how threat detection technology can evolve is a complicated matter. Figuring out how to educate employees to detect human anomalies is much more straightforward. Companies should issue guidance on how they will be communicating about the matter and include reminders on phishing vigilance whenever they are faced with an unusual work situation. This will be important as organizations navigate a return to physical workplaces, as hackers will likely look for ways to capitalize on the “back to normal” theme.
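The baseline problem described at the start of this section can be shown with a small detector. This is an added example, not part of the original article; the login counts are constructed sample data and the function names are hypothetical.

```python
import statistics

# Constructed sample data: daily count of off-network (remote) logins.
OFFICE_ERA = [42, 38, 45, 40, 44, 39, 41, 43, 37, 46, 40, 42, 44, 39]
# After the shift to remote work; index 10 (950) is the one true outlier.
REMOTE_ERA = [310, 325, 298, 315, 305, 320, 312, 300, 318, 309, 950, 314]


def zscore_alerts(baseline, observed, threshold=3.0):
    """Indexes in `observed` whose z-score against a fixed baseline exceeds threshold."""
    mean = statistics.mean(baseline)
    stdev = statistics.stdev(baseline) or 1.0  # guard against zero variance
    return [i for i, x in enumerate(observed) if abs(x - mean) / stdev > threshold]


def rolling_alerts(series, window=7, threshold=3.0):
    """Score each point against only the preceding `window` points."""
    alerts = []
    for i in range(window, len(series)):
        recent = series[i - window:i]
        mean = statistics.mean(recent)
        stdev = statistics.stdev(recent) or 1.0
        if abs(series[i] - mean) / stdev > threshold:
            alerts.append(i)
    return alerts


if __name__ == "__main__":
    # A baseline learned in the office era flags every remote-era day,
    # so the real outlier is buried among the false positives.
    print("fixed baseline alerts:", zscore_alerts(OFFICE_ERA, REMOTE_ERA))
    # A rolling baseline alerts once on the shift itself, adapts, and then
    # isolates the outlier. While the window straddles both eras its
    # variance is inflated, so sensitivity is reduced during the transition.
    print("rolling baseline alerts:", rolling_alerts(OFFICE_ERA + REMOTE_ERA))
```

In the combined series, index 14 is the first remote-era day and index 24 is the constructed outlier.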
4. Software is Often Designed for Convenience Rather Than Security
Zoom’s headline-making pandemic-related security woes underscore what can happen when technology is architected for ease of use rather than security. This should serve as a good reminder for companies to audit their vendor landscape and, wherever possible, ensure all technology offers robust security features. Mandating that all employees frequently check for and install updates and patches is also important, particularly for software with less-than-ideal security.
5. Security Often Falters at the Password Layer
Ninety-one percent of respondents in a LogMeIn survey recognize that sharing passwords across multiple accounts introduces security concerns, yet 59 percent admitted to doing it anyway. This underscores that security leaders must expect poor password hygiene from their users and revise their approach to account security accordingly. When people are working remotely and creating new digital accounts, this becomes more important than ever. As they look to the future, organizations must determine not only how they can ensure the strength and uniqueness of passwords at their creation, but also how they can monitor these credentials and ensure they don’t become compromised down the road.
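One way to combine screening at creation with later monitoring, as an added example that is not from the original article. The class name, the minimum length and the breach lists are assumptions, and all passwords shown are constructed sample values.

```python
import hashlib
import hmac
import os

MIN_LENGTH = 12  # assumed policy value, not taken from the article


def _hash(password, salt):
    # Salted, slow hash so stored credentials are not directly searchable.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class CredentialStore:
    def __init__(self, known_compromised):
        self.known_compromised = set(known_compromised)
        self.users = {}  # username -> (salt, hash)

    def set_password(self, user, password):
        """Creation-time screening: reject short or already-exposed passwords."""
        if len(password) < MIN_LENGTH:
            return "rejected: too short"
        if password in self.known_compromised:
            return "rejected: appears in breach data"
        salt = os.urandom(16)
        self.users[user] = (salt, _hash(password, salt))
        return "accepted"

    def recheck(self, newly_exposed):
        """Ongoing monitoring: a password that was clean at creation can appear
        in a later breach. Salted hashes cannot be looked up, so each new
        candidate is re-hashed with each user's salt and compared."""
        self.known_compromised.update(newly_exposed)
        flagged = []
        for user, (salt, stored) in self.users.items():
            if any(hmac.compare_digest(_hash(p, salt), stored) for p in newly_exposed):
                flagged.append(user)
        return sorted(flagged)


def demo():
    store = CredentialStore({"Password123!", "qwerty123456"})  # constructed list
    results = [
        store.set_password("alice", "Password123!"),           # known exposed
        store.set_password("alice", "correct-horse-battery"),
        store.set_password("bob", "violet-lantern-4471"),
    ]
    # Later, new breach data arrives that contains bob's password.
    flagged = store.recheck(["violet-lantern-4471", "summer2020summer"])
    return results, flagged
```

Accounts returned by `recheck` would be forced through a password reset; how that is enforced depends on the identity system in use.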
Considering the Future
We are certainly operating in unprecedented times, but it’s highly possible we will face another remote working scenario when the second wave of the virus hits. As such, it’s important that companies consider the security vulnerabilities outlined above not only as part of their return to work but also as they plan for the possibility of another lockdown. With hackers always eager to capitalize on lack of preparedness, employee confusion and other factors, companies simply cannot afford to ignore the spotlight the coronavirus has shed on enterprise security.