Opportunistic agility is running rampant among hackers and scammers.
- McAfee's user base has been seeing an average of 375 new threats per minute during the pandemic.
- Once everyone got situated in their home offices and their company's security teams started taking the appropriate measures, how did the attackers adjust?
- Ransomware on cloud servers, hijack attempts on IoT gadgets and business email compromise (BEC) attacks increased in volume as well as sophistication over the course of Q3 2020.
Credit: McAfee<p>But beyond the many reports that cybercrime has surged, there's been proportionately little talk about how it's changed. Once everyone got situated in their home offices and their company's security teams <a href="https://bigthink.com/technology-innovation/work-from-home-cybersecurity" target="_self">started taking the appropriate measures</a>, how did the attackers adjust?</p> <p>Here are four ways that cybercrime has visibly adapted to the changing conditions of 2020. </p>
Deploying pandemic-related attack strategies<p>One of the notable ways that attacks were especially effective at the start of the pandemic was the manner in which they directly took advantage of the confusion caused by the situation. COVID-19 related phishing emails <a href="https://news.yahoo.com/hackers-cyber-attacks-now-evolving-faster-ever-subex-063924287.html" target="_blank" rel="noopener noreferrer">raised phishing attacks overall by 68 percent</a>. There was also a marked uptick in business email compromise (BEC) attacks, where the criminal masquerades as a legitimate company and attempts to convince the victim that the coronavirus chaos forced them to change their banking details. </p><p>Cybercriminals have adjusted their targeting and tactics to follow the spread of COVID-19, with the spike beginning in Asia before shifting to Europe and the U.S. Now, as people are returning to work, phishing emails and malware have switched gears. Instead of claiming to educate you about the virus, they are disguised as guides to helping workers return safely to the office. </p><p>"What's clear is that hackers are hoping to capitalize on public fear," <a href="https://www.techradar.com/news/how-cybercrime-has-changed-in-the-wake-of-covid-19" target="_blank" rel="noopener noreferrer">says Dr. Alex Tarter</a>, Chief Cyber Consultant and CTO at Thales. "As a global population we have proactively sought out as much information as we can find to help inform our day-to-day lives, but also make us feel safe. Many of instances of cybercrime in the wake of COVID-19 have been designed with this fear in mind." </p><p>In this vein, malware, mobile malware and fileless malware have skyrocketed, using pandemic-related topics to play on people's fears and lure them to malicious URLs. Tarter estimates that half of all COVID-19-related domain names created since December 2019 were set up with the purpose of injecting malware, with many of these domains spoofing content from genuine websites in order to mask their intent.</p>
Aiming at broader targets<p>Another distinct trend is the shift to a broader attack surface. As work moved out of "on-premises" network environments, bad actors have followed us onto the cloud, so cloud-related breaches have increased. Protecting your server isn't sufficient; you need to connect all the dots and cover every connected device, because your cloud-connected printer is the backdoor to your entire organization. </p><p>Cybercriminals have long since woken up to the fact that IoT devices are often the weakest links in any system. IoT-focused attacks have grown in number and in impact, with a <a href="https://news.yahoo.com/hackers-cyber-attacks-now-evolving-faster-ever-subex-063924287.html" target="_blank">46 percent rise</a> in the number of attacks on smart homes, smart enterprises, and control systems that are connected to critical infrastructure.</p>
Taking advantage of urgency and pressure<p>Cybercriminals are taking advantage of the pressure that organizations are under to remain operational by expanding ransomware attacks, which doubled from <a href="https://ciso.economictimes.indiatimes.com/news/cyberattacks-get-more-nuanced-as-covid-drags-on/77816357" target="_blank">200,000 in Q1 2020 to 400,000 in Q2</a>. Health centers are a popular target, because hackers know that they are overwhelmed with critical patients and can't afford the time it will take to resolve the attack, so they are more likely to give in and pay the ransom than struggle to combat and cure it.</p> <p>A few weeks ago in Germany, a patient was unable to receive care when a ransomware attack on Düsseldorf University Hospital disrupted the emergency care unit, forcing them to transfer her to another hospital to receive critical care. <a href="https://www.technologyreview.com/2020/09/18/1008582/a-patient-has-died-after-ransomware-hackers-hit-a-german-hospital/" target="_blank" rel="noopener noreferrer">The patient died</a> during the journey, a cybercrime first. </p>
Credit: Trend Micro<p>New ransomware families are emerging, using more sophisticated, phased attack strategies that are more difficult to rectify. Trend Micro has identified <a href="https://documents.trendmicro.com/assets/rpt/rpt-securing-the-pandemic-disrupted-workplace.pdf" target="_blank">a 36 percent jump</a> in new ransomware families, compared with the same period in 2019. Hackers know that IT and security teams are operating remotely, without access to their usual tools and processes and often without experience in dealing with an attack remotely, which handicaps their ability to resolve it quickly. </p>
Exploiting remote work vulnerabilities<p>Hackers have been quick to respond to the sudden rush to remote working. In the urgency of the moment, many companies implemented <a href="https://neilpatel.com/blog/best-vpn-services/" target="_blank" rel="noopener noreferrer">trusted VPN services</a> for employees working from home, or set up a remote desktop, without configuring them properly, thereby opening the doors to hackers. In March, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) <a href="https://www.us-cert.gov/ncas/alerts/aa20-073a" target="_blank" rel="noopener noreferrer">alerted businesses</a> to elevated risks of VPN abuse.</p> <p>A number of cloud tools are poorly protected. Zoom, for example, has become a lifeline for businesses and schools, but it has serious security vulnerabilities. It's no coincidence that individuals and educational organizations have been the targets of so many cyber attacks during the pandemic; they are (rightly) perceived as the most vulnerable. </p> <p>Shadow IT use rose when employees sent home from the office had no choice but to use their personal laptops for sensitive work-related tasks, but these devices are rarely protected as well as an office computer. </p> <p>Phishing attacks rose in part because many employees switched to work remotely almost overnight, without any training to independently recognize phishing scams. The average employee isn't equipped to deal with them, and at home there's no security team on hand to immediately respond to questions and defuse the threat.</p>
Cybercrime adapted quickly to COVID-19 chaos<p>The coronavirus pandemic increased chaos in the world, and that presented a golden opportunity to malicious actors and hackers of all types. COVID-19 saw cybercrime shift to cynically exploit fears about the pandemic, take advantage of hasty shifts to remote working, attack overstretched critical infrastructure like health industries, and aim at broader targets across organizations. IT teams can't afford to fall behind as the ongoing struggle with cybercrime enters a new phase. </p>
Taking the commute out of the picture just might make for more diverse teams.
- Tech giants, including Microsoft, Google, Facebook, Twitter, and Amazon, have already stated they'll be adapting company policies to allow for more remote working.
- In the business software and tech infrastructure sectors, which are more in-demand than ever, it seems likely that recruiting will resume quickly, with companies seeking to fill specifically remote positions.
- The tech sector has long suffered from a diversity problem, and remote working fosters a better culture of inclusivity.
A bigger talent pool<p>About <a href="https://www.matrixres.com/tech-trend/9-out-10-hiring-managers-struggle-find-tech-talent" target="_blank">86 percent of hiring managers</a> have said they've struggled to find qualified tech talent. By widening their hiring activities beyond the major city hubs, employers will find they can reach a far bigger pool of available candidates.</p><p>A qualified candidate living in one of the flyover states or rural America may not want or be able to relocate to the bigger cities. Until now, that's meant that these people have been largely excluded from the market. The ability to work remotely means a tech firm can capture this talent. Critically, employers benefit from this vastly increased talent pool without increasing their cost base. </p><p><a href="https://joonko.co/" target="_blank">Joonko</a>, a hiring platform used by leading tech firms like Intuit, PayPal, and Atlassian, recently <a href="https://finance.yahoo.com/news/diversity-recruiting-startup-joonko-launches-172219079.html" target="_blank">announced the rollout</a> of its Remote-Ready planner tool, aimed at helping firms recruit remote talent, more inclusively. "Employers willing to take a remote-ready approach have the opportunity to reduce overheads, gain the benefit of geographical arbitrage, while giving themselves access to a vastly more diverse pool of talent based in locations all around the country," explained Ilit Raz, the company's CEO, via email. "Employees who work at home are also generally more productive without the pressure of a daily commute." </p><p>The numbers back this claim. According to an April <a href="https://www.citrix.com/news/announcements/apr-2020/remote-work-the-new-normal.html" target="_blank">poll from Citrix</a> of 10,000 U.S. employees, 77 percent said they were more productive working at home, and 69 percent said they were working the same number of hours, or more, than they put in when they'd been office-bound. </p><p>Historically, many tech firms have attempted to mitigate their hiring challenges by setting up offices close to institutions such as Stanford or MIT. This trend only perpetuated the situation, though, as companies were born from the same ecosystems that they used as recruiting hubs. However, the new shift to remote allows them to diversify their locations, potentially shifting to places where real estate isn't some of the most expensive in the world and non-white talent is easier to come by. </p>
More flexibility and more diversity<p>Controversial pay cuts aside, employees also appear happy with the shift to remote working. The same research by Gallup found that, of those who were working at home during the pandemic, 59 percent wanted things to stay that way even once restrictions are lifted.</p><p>Without being compelled to move to big cities, employees have far more flexibility to manage their work-life balance without the daily commutes. They can also eliminate commuting expenses. </p><p>The talent connection works both ways too. Just as employers have access to a bigger talent pool by casting the net more widely, candidates in remote locations also have the opportunity to apply for jobs from which they were previously excluded. Remote working, then, fosters a <a href="https://www.zdnet.com/article/you-want-diversity-inclusion-in-tech-embrace-remote-work/" target="_blank">better culture of inclusivity</a>. </p><p>The tech sector has, of course, long suffered from a diversity problem. It's been over five years since the industry buckled in to pressure and finally committed to publishing diversity reports, making tech companies headcount cohorts more transparent. And given <a href="https://bigthink.com/politics-current-affairs/black-lives-matter-white-people" target="_self">the current climate of "enough is enough"</a> when it comes to racial inequalities, it's especially shocking to see that little progress has been made over time.</p>
A better society and a more balanced economy<p>Opening up remote opportunities creates a more equitable workforce in a way that isn't contrived. Raz believes it presents an ideal opportunity for companies to walk the talk, from a diversity and inclusion perspective.</p> <p>"With smart remote hiring in 2020, tech companies have the opportunity to break out of the cycle of diversity pledges that are perceived by the public as lip service. Today it's possible to achieve diversity and inclusion with real value – not only as a matter of quota compliance or publicity play," she said. "Going remote gives recruiters the ability to onboard physically and mentally challenged individuals, single parents and seniors, in addition to women and minorities. It's time to meaningfully give everyone a place at the table."</p> <p>More diverse companies create more inclusive tech products, and they make it easier for ethnic minorities and women to believe that they can pursue the career paths that speak to them most. Diverse companies happen to also drive superior business performance, according to <a href="https://until.un.org/news/until-releases-report-diversity-and-inclusion-tech" target="_blank">a recent report</a> from the United Nations Technology Innovation Labs (UNTIL).</p>
Creating new opportunities<p>Nobody can argue that the coronavirus crisis has been a good thing. However, it has forced us to look at many elements of life through a different lens. The tech sector has been operating based on the decades-old paradigm that employees need to be at desks in offices if they're going to be productive, which doesn't fit with what tech companies actually need from their teams.</p> <p>The necessary shift to remote working has shone a light on the benefits of a different way. Companies, employees, and society at large can now continue to reap those benefits long after the crisis recedes. </p>
Just because your team has gone remote doesn't mean you need to be vulnerable to hacks, breaches, and scams.
- Prior to the COVID-19 outbreak, many enterprises had yet to contemplate a mass work-from-home scenario and were therefore unprepared to support it securely.
- There are practical steps you can take to safeguard confidentiality and cybersecurity with a WFH workforce.
- Applying best security practices to test for vulnerabilities, supervise access controls and password management, secure connections, and apply endpoint encryption can go a long way.