Massive gaps in cybersecurity present as employees WFH: Study

Since organizations moved to a work from home (WFH) model, the potential for cyberattacks and breaches has increased, according to Malwarebytes’ study, titled Enduring from Home: COVID-19’s Impact on Business Security. The study combines Malwarebytes telemetry with survey results from 200 IT and cybersecurity decision makers from small businesses to large enterprises to unearth new security concerns in remote work environments.

In fact, since the start of the pandemic, 20% of respondents said they faced a security breach as a result of a remote worker. This in turn led to higher costs, with 24% of respondents saying they paid unexpected expenses to address a cybersecurity breach or malware attack following shelter-in-place orders.

In addition, 28% of respondents admitted they’re using personal devices for work–related activities more than their work-issued devices, which could create new opportunities for cyberattacks. This figure becomes more problematic next to another survey result, which indicated that 61% of respondents’ organizations did not urge employees to use antivirus solutions on their personal devices.

“Our fundamental shift to working remotely has dramatically underscored the need for comprehensive security, as well as IT guidance and training to avoid breaches. Many organizations failed to understand the gaps in their cybersecurity plans when transitioning to a remote workforce, experiencing a breach as a result,” said Marcin Kleczynski, CEO and co-founder of Malwarebytes. “The use of more, often unauthorized, devices has exposed the critical need for not just a complete, layered security stack, but new policies to address work from home environments. Businesses have never been more at risk and hackers are taking notice.”

On the threat landscape, Malwarebytes observed that cybercriminals have adapted to take advantage of improperly secured corporate VPNs, cloud-based services, and business email—all which could be used for infiltration of corporate assets. There has also been a surge in phishing emails that use COVID-19 as a lure to cover up malicious activity. These emails contain commercial malware, such as AveMaria and NetWiredRC, which allow for remote desktop access, webcam control, password theft and more. Malwarebytes data showed that AveMaria saw a bump of 1,219% from January to April 2020, an enormous increase from 2019. According to Malwarebytes telemetry, AveMaria mostly targeted large enterprise businesses. Similarly, NetWiredRC observed a 99% increase in detections from January to June, primarily targeting small- and medium-sized organizations.

“Threat actors are adapting quickly as the landscape shifts to find new ways to capitalize on the remote workforce,” said Adam Kujawa, director at Malwarebytes Labs. “We saw a substantial increase in the use of cloud and collaboration tools, paired with concerns about the security of these tools. This tells us that we need to closely evaluate cybersecurity in relation to these tools, as well as the vulnerabilities of working in dispersed environments, in order to mitigate threats more effectively.”

Despite this, companies appear to have a high level of confidence about the transition to working from home, with roughly three quarters (73.2%) of those surveyed giving their organizations a score of 7 or above on preparedness for the transition to WFH. A majority of companies with less than 700 employees (84.1%) moved more than half of their workforce, but not all (61–80%). On the other hand, companies with at least 700 employees opted to move almost all their workforce home (81–100%). In the wake of this shift, 45% of respondents’ organizations did not perform security and online privacy analyses of software tools deemed necessary for WFH collaboration. And frightfully, while 61% of respondents’ organizations provided work-issued devices to employees as needed, 65% of respondents’ organizations did not deploy a new antivirus solution for those same devices.