August 24, 2020 By BlueAlly
By Mike Vizard
One of the first research reports to track the impact working from home (WFH) is having on cybersecurity suggests both the number of incidents and associated costs are rising.
In a survey of more than 200 managers, directors, and C-suite executives in IT and cybersecurity roles at companies across the U.S., 20 percent of respondents said their organization suffered a security breach as a result of a remote worker. Nearly a quarter (24%) also incurred unexpected expenses to address a cybersecurity breach or malware attack following the imposition of shelter-in-place orders.
The survey, conducted by Malwarebytes, also reports it is already observing cybercriminals adapting their tactics to take advantage of improperly secured corporate virtual private networks (VPNs), cloud-based services, and business email. There’s been a surge in phishing emails that use COVID-19 as a lure to cover up a wide variety of malicious activity. These emails contain malware, such as AveMaria and NetWiredRC, that among other things enable remote desktop access, webcam control, and theft of passwords.
Specifically, Malwarebytes reports a 1,219-percent increase in AverMaria malware from January to April of this year, compared to the same period a year ago. AveMaria malware mostly targets large enterprise businesses. NetWiredRC, which is largely aimed at small-to-medium businesses (SMBs), increased 99 percent from January to June on and year-over-year basis, according to the report.
Prepared for inevitable attacks?
Despite those attacks, the Malwarebytes survey finds nearly three quarters of respondents (73%) gave their organization a score of 7 or above on preparedness for the transition to WFH.
Overall, the survey notes a majority of companies with less than 700 employees (84%) shifted more than half of their workforce to WFH. Companies with at least 700 employees, by comparison, opted to shift almost all their workforce home (81 to 100%).
Nearly half of respondents (45%) admit they did not perform security and online privacy analyses of software tools employed to enable collaboration while WFH. Nearly two-thirds (61%) said their organizations provided devices to employees as needed. However, 65 percent said they did not deploy any new antivirus solution on those same devices, while 61 percent said they did not urge employees to use antivirus solutions on their personal devices.
Cybersecurity professionals know there’s a lot more malware on devices that employees are using at home than has been discovered to date. Most employees don’t distinguish between corporate and personal use, so the device employed to access a gaming site is often the same one accessing an enterprise resource planning (ERP) application.
Many organizations are assuming all that malware represents an unavoidable business risk. Out of both a sense of duty and a sense of self-preservation, cybersecurity teams are hunting for all that malware now. After all, the best kind of cybersecurity incident is the one no one in the business ever knew occurred. Of course, it’s important to keep score. Otherwise, business executives won’t appreciate all the effort that goes into hunting for all that malware.
Meanwhile, it’s only a matter of time before a lot more malware gets activated. Cybercriminals can afford to be patient. Cybersecurity teams, by contrast, are always racing against an invisible clock.