In an effort to “flatten the curve” and stop the spread of COVID-19, an increasing number of companies are instilling work from home (WFH) policies. While this is a necessary shift in the wake of a pandemic, allowing remote workers to continue the same business operations, potentially without the same network security devices or infrastructure normally in place at work can be risky.
Now more than ever, necessary measures need to be taken in order to protect against cyber attacks and to ensure business continuity. Security teams are overwhelmed, making it necessary to utilize automated tools and set strict procedures. Security ratings are one of these automated tools that can help organizations find and reduce risk in their cybersecurity posture and that of their third parties, leading to a safer working environment for their remote workforce.
Check out some of the biggest cybersecurity threats companies will likely face during the COVID-19 pandemic, due to remote workers. In addition, we’ve also outlined how SecurityScorecard can identify these threats before they become a bigger issue.
Access to company networks
While most work from home policies involve certain guidelines, it is almost impossible to make sure employees adhere to those policies. Accessing corporate networks remotely can lead to a higher risk of unauthorized access and data leakage. As people work from home, they may not even use a VPN to login to a corporate network. All the defense systems that are in place at the office: IDS, firewall, and/or network behavior analytics, are most likely not in place at employees’ homes, compromising the typical cyber defense.
As employees connect to the internet from unmanaged sources, organizations need to ensure that secure HTTPS connections are used to access company web portals. Without a secure connection, a malicious actor could intercept the connection between your browser and the website, allowing for information leaks and attacks such as Man-in-the-Middle.
How we can help: SecurityScorecard’s TLS and Application Security measurements enable security teams to identify problems with TLS Certificates as well as security risks associated with these web applications.
Phishing attacks have been one of the top cybersecurity threats even before the COVID-19 pandemic, but as entire workforces shift to being completely remote, the number of emails and other electronic communications will increase. This will make it even more difficult for employees to understand what is a scam and what is a genuine email. As reported by PCmag, hackers are using information, and general uncertainty, about COVID-19 to engage in email phishing attacks.
How we can help: SecurityScorecard utilizes Typosquat detection to help organizations understand if there is a potential phishing attack. Typosquatting consists of registering Internet domain names that closely resemble legitimate, reputable, and well-known ones (e.g., Farebook instead of Facebook). This cyber attack aims to distribute malware or to phish the organization’s users (i.e., stealing their credentials) by mimicking the aspect of the legitimate webpage of the targeted organization. With tools, such as SecurityScorecard, organizations are able to review the typosquat domains and determine if they registered the domains themselves (as protection), or if they are indeed malicious.
The spread of malware
The attack surface will grow as more organizations ask employees to work from home without the same network security devices or infrastructure at the office. Bad actors will use opportunities like phishing to spread malware. Additionally, hackers are already exploiting the fears surrounding COVID-19 to infect computers with malware. Krebs On Security highlighted one scenario where “an interactive dashboard of Coronavirus infections and deaths produced by Johns Hopkins University is being used in malicious web sites (and possibly spam emails) to spread password-stealing malware.” Employees need to think twice before clicking on links and opening attachments.
How we can help: SecurityScorecard's outside-in view gives organizations the ability to see what a hacker sees. In the platform, SecurityScorecard can surface malware that has been found based on an outside-in view. Organizations can use this information to understand what entry points bad actors are most likely going to take advantage first.