A remote workforce
Managing a remote workforce in 2020 poses a notable threat to cyber security, with businesses needing to protect devices, networks and internal systems against a range of cyber attacks.
The recent surge in targeted hacking attacks and phishing emails is not unexpected. Hackers are out in full force and taking advantage of the change in employee behaviour during the current global pandemic. The range of digital tools that businesses use to collaborate and communicate whilst working remotely could be at risk from attack, as well as company networks and data.
With Gartner predicting that 74% of businesses are planning to maintain some degree of remote working in the future, companies cannot risk faltering when it comes to security.
Capitalising on uncertainty
Hackers have capitalised on the uncertainty surrounding COVID-19 by targeting businesses with a range of hacking attacks and email phishing techniques. A recent report by security outfit, Barracuda Networks, found that phishing emails have spiked dramatically in the past few months. Many of the scams detected are selling bogus coronavirus cures, protective face masks or asking for investments in fake companies that claim to be developing vaccines for the virus.
Other attacks have included targeting the tools used by remote workers such as fake requests to reset VPN accounts, spoofed Zoom sign in pages and chat requests from supposed corporate messaging systems. Whilst employees are working remotely they could be receiving a higher volume of messages or have other distractions, meaning that they may not notice a spoofed email or request.
Social engineering has also come into play, with hackers trying to gain access to corporate networks by pretending to be an employee needing access. This is why user and access controls are so vital for businesses navigating remote working, as well as using two or multi-factor authentication and VPNs to access any service on the corporate network.
Brute force attacks
One of the most commonly reported attacks is against services running within the corporate network, such as brute force attacks targeted on Remote Desktop Protocol (RDP) users.
Attackers attempt brute force attacks by trying to log into poorly configured RDP services. They systematically attempt to identify weak passwords and logins with bots and other brute force techniques. If successful, the brute force attack would give the hacker a backdoor into the corporate network and access to data on the user’s desktop.
Businesses using RDP must ensure that their servers are properly configured and secure, users are accessing the service using two or multi factor authentication and a VPN, and that access controls are in place and are regularly monitored.
Golden security rules
Security has always been fundamental, but businesses must now focus on protecting themselves against the rise in cyberattacks whilst employees work remotely.
Having a strong culture of cybersecurity instilled in the workforce is essential. Staff awareness training helps employees to recognise common types of attacks, as well as to use their initiative to recognise something that doesn’t seem ‘normal’. Having a Home Working Policy and incident response system in place also helps to recognise any issues or potential threats early on.
Protecting employees’ devices is one of the first steps to take whilst employees work remotely. Ensure that all users run Antivirus scans regularly, as well as system security updates and patches.
Home Working Policy
Employees should follow a strict Home Working Policy, including not installing new software that has not been approved first. Copies of corporate documents should also be accessed using a collaborative system such as SharePoint, as opposed to keeping files stored on the device itself.
Securing home WiFi is also important if employees are accessing company files and systems. Ensure that every employee checks that there is a strong password enabled on their home network and that they apply firmware updates. WPA2 or WPA3 can also be selected for encryption on the router for maximum security.
Network security is paramount, which is why the corporate network must be secured and access to it needs to be monitored. User and access rights must be set by the System Administrator or hosting provider to ensure that users with the correct permissions are accessing the right parts of the network.
Ensure all employees are using firewalls, a virtual private network (VPN) to access the network and two or multi-factor authentication to access third-party software and systems.
Strengthen cyber security across the business by having a multi-layered approach to security in place, including DDoS Protection, Intrusion Detection and use of web application firewalls. You can find out more about how Hyve’s Security Suite can protect your business here.
Have you heard of any other cyber attacks affecting businesses? Let us know your thoughts about the rise in hacking @Hyve!