It's safe to say the world was not built for a global pandemic like COVID-19.
Within a matter of days, everyone—from families to schools to businesses to governments—had to reinvent the way they live and work.
Making a difficult situation worse, an incredible number of cyber-pandemic of hacks, attacks, and scams have taken advantage of the current climate. While there's a lot to keep in mind right now, it's vital for your organization to be keenly aware of the major challenges that have increased in number and scope over the past few months. Here are a few of the ways that COVID-19 has made cybersecurity increasingly difficult for enterprises and businesses of all sizes.
1. Increased Risk Due to Work-From-Home Policies
The past few months have seen a remarkable spike in the number of employees working from home, as businesses seek to manage stay-at-home orders from state and local governments.
According to Global Workplace Analytics
, up to 75 million Americans will work from home during the outbreak. While the ability to keep employees in this capacity is likely to save businesses and reduce layoffs, remote employees must now access corporate data using their home devices and networks, which rarely offer the same level of security or control as the office.
In addition, employees are using new tools like video conferencing software and collaboration tools that can increase the attack surface for bad actors.
2. Non-Essential Businesses Have Gone Unprotected
Businesses ranging in size and type from local art galleries or gyms to Las Vegas casinos and major manufacturers have been shut down (or recently re-opened, and in some cases shut down again) due to being classified as non-essential.
As a result, IT teams have either been sent home along with everyone else, or instead were quickly redeployed to help manage work-from-home technology issues. Meanwhile, all those devices back at the building are still on and connected to the internet, leaving them unmonitored, unmaintained, and exposed.
3. Security Patches Have Gone Undeployed
IT can struggle to patch devices across the enterprise at the best of times. With devices outside the corporate network or turned off altogether, it becomes even more difficult to ensure everything is up to date in terms of patches, especially in the event of a zero-day exploit.
4. IT Teams Have Experienced Reduced Resources
As businesses struggle to survive, IT has to make do with less. Hiring freezes, layoffs, reduced budgets for new technologies, and canceled projects—not to mention IT staff with their own health issues—means that IT is going to be stretched thin in the coming months just trying to keep the lights on. For this reason, it becomes increasingly likely that IT teams are lacking the bandwidth to prevent or adequately respond to catastrophic cyberattacks.
In addition, don't forget that those on your IT teams are people too—they're just as distracted and worried by the news as the rest of us, and have had to navigate the challenges of working from home while distracted by kids and family members, and enduring all the other stresses of self-isolation. This means they are more likely to miss something they would usually catch if they worked at their full capabilities with every available resource.
5. Increased Activity from Bad Actors
Cybercriminals know a good opportunity when they see it. Lone hackers, well-funded criminal organizations, and foreign governments all actively probe defenses, launch attacks, and run scams. In our weekly COVID-19 threat roundups
, we've noted a number of coronavirus-related malware and scams, including:
- Videoconference hijacking and ID code guessing that can disrupt meetings or reveal sensitive business information, such as financial information, contract negotiations, personal employee information, and business plan discussions. This can lead to stolen trade secrets, confidential information leaked to the public or to competitors, compliance issues with data protection regulations such as GDPR, or even result in hackers using your private business information to inform stock trades.
- COVID-19 phishing scams disguised as news alerts from the World Health Organization (WHO) in attempts to harvest login credentials.
- Stimulus-themed phishing attacks that promise government cash payments in exchange for financial information.
- Fake charities that spoof actual charity email addresses to solicit donations.
- Attacks on healthcare institutions to collect information on outbreaks, tests, and other sensitive information.
Prepare for What's Next
Just one of these five challenges would be difficult for even the best IT teams to tackle. Taken together, few staffs are able to successfully manage these challenges by themselves. Now more than ever, this is the time to augment your cybersecurity capabilities by working with outside experts.
Arctic Wolf can help.
Our managed detection and response (MDR)
solution provides the comprehensive, 24/7 security monitoring you need to protect your company and its newly remote workers from threats. We also offer a managed risk
solution that includes vulnerability assessments and threat analysis so you can significantly reduce your risk of attack in the first place.
And, should an attack occur, our Concierge Security™ Team
of expert analysts and engineers are ready to take care of the situation and lead a response.