Remote working has been a bastion of resilience and adaptability. However, patterns have emerged among businesses whose remote setups fell short. We reveal 3 common reasons behind unsecure remote working. And it’s not just cybercriminals you need to watch out for.
Hasty installation of remote working infrastructure
The abrupt switch to working from home or flexible operations forced many organisations to use grossly inadequate remote working technology. Across the board, companies found that operational resilience was too low, and cost structures were too high. On varying scales, operations became less secure and compliant, and business operations less efficient and productive. Over a year on, businesses continue to wrestle with IT that is simply not fit for the job.
For some, personal laptops, consumer-grade VPNs, and home WiFi formed the extent of WFH infrastructure. Without a layered and integrated cybersecurity stack, malicious actors can all too easily infiltrate systems via these inroads. Hasty deployment of solutions and the scramble to provide server, application, and collaboration tool access led to inevitable cybersecurity oversights, which threat actors are exploiting in greater numbers than ever.
Low quality or misconfigured VPNs, loose control over access permissions, and primitive email security software are commonly abused because, put simply, often yield a result for cybercriminals. Data security is an acute concern, and it is no mistake that ransomware attacks jumped 20% in 2020. Cybercriminals are doing all they can to get their hands on the assets that are of most value to and that have the highest price tag to get back.
Satellite solutions for permanent setups
Those better prepared or already using remote working infrastructure are vulnerable too. Although cyber resilience may be stronger – a combination of more robust cybersecurity and training – IT is largely not configured for mass, heavy, and extended remote use. This is leading to downtime, poor availability, and sluggish performance – adding even greater challenges for executives responsible for business efficiency, cost management, and profitability.
2020 was a major year for new technology adoption. Research suggests that this will continue, with investments in cloud, automation, AI cybersecurity and next-generation ERP marking IT advancements in the year ahead and contributing to the expansion of remote working infrastructure. Pandemic or no pandemic, hasty installations risk business continuity, data security and financial performance. So, if you are building on remote working IT in 2021, ensure that your IT team is supported by a managed service provider who will help you maximise investments and achieve resilience and uptime.
Opportunistic and advanced threat actors
Last year, phishing surged 73%, never-before-seen malware exploded by 63%, intrusion attempts rose by 19% and 48% of UK companies were hit by ransomware. Email is now the direct source of 53% of cyberattacks in Britain and there has been a 173% increase in infected Office 365 file attachments. It is no coincidence that these uncomfortable upward trends transpire when email activity and online document sharing and collaboration are ramped up. Threat actors are abusing immature remote working infrastructure, unprepared employees, and Covid-19 anxieties to breach digital perimeters, steal data, and take business-critical IT such as ERPs and CRMs offline.
To further complicate the cybersecurity landscape, threat actors are becoming more advanced. They are deploying ever more sophisticated types of malware, quickly developing new “strains” that are more successful at bypassing cybersecurity software without AI capability. Cryptocurrency is the expected payment method for ransomware lockouts, while difficult to detect impersonation attacks, posing as senior business figures and trusted partners, are exploiting communication gaps in distributed workforces. Organisations continue to navigate testing times and challenges to return to scale. However, the fact remains that by and large, operations have continued, with some sectors remaining stable or thriving. Opportunistic threat actors see remote businesses as rewarding targets with plenty of valuable data and even cash.
The reasons behind unsecure remote working can’t be taken lightly. They can be mitigated in the immediate and long term by auditing your weak spots. For help uncovering critical security risks in your business, book an IT audit with Starcom. Click here or call 0844 579 0800.