Risk of Hybrid Working – Combining Remote and On-Prem Work

Is Your Remote Work Infrastructure Secure

Even before the Coronavirus pandemic, organizations and businesses were playing with the idea of more remote working environments as a way to lower overhead and attract top talent. Now, remote working seems to be the future of the office with social distancing and preventative measures having forced the hands of individuals and businesses. However, businesses need to be alert as there is added risk of hybrid working environments.

As always, scammers, hackers, and ransomware gangs have been quick to pounce on the new opportunities that emerged in this paradigm shift. To protect employees as well as business interests, organizations and IT leaders need to be equally quick to react to not become another statistic.

With that in mind, here are the top hybrid/remote working threats and how to counter them:

Phishing Scams

In the age of high-profile, multi-million dollar ransomware attacks, phishing is often dismissed as “yesterday’s threat.” However, statistics tell a different story. Phishing is responsible for as many as 14% of all data breaches and is still a frequently employed infiltration method used by ransomware gangs, such as Ryuk, Trickbot, etc.

According to ZDnet, phishing and email scams related to COVID-19 surged 667% in March 2020 alone during the COVID-19 pandemic.

Reasons for phishing posing larger threats in remote environments are manifold:

  • Employees working on unsecured private devices that may not have the same level of phishing detection + prevention
  • Increased communications via email and other remote channels
  • Malicious actors taking advantage of conditions (such as the COVID-19 pandemic) to prey on people’s anxieties
  • Scammy emails from outside sources being shared/passed around within your teams’ email groups

How to counter it?

Perhaps the most effective way to counter phishing in remote environments is to start phishing training and awareness programs. This will empower employees to detect the signs of a phishing attack. However, training has to be regularly updated as phishing tactics are constantly evolving. Paradigms, such as the Phish Scale, is meant to help organizations test and improve their readiness to avoid falling prey to phishing attacks.

 

LIFARS’s Cyber Resiliency Team will simulate a real phishing attack to your organization and based on the results collected and our in-depth analysis of the company email system (encryption, protocols, filters, etc.), we will help optimize the system to increase the overall security posture to help keep cybercriminals from entering your network

 

Third-party Data Breaches

As remote working places become more commonplace, so does our reliance on third-party tools to help overcome some of the related challenges and help facilitate communication and productivity. One example is the boom in the video conferencing industry with companies like Zoom flying high.

However, these large-scale public services are ripe targets for hackers. Exfiltrating or stealing data from these services can give hackers access to user accounts which can be used in turn to infiltrate company accounts or systems. Bleeping Computer reported that it uncovered over 500 million Zoom accounts being sold on the dark web.

The possibility of other threats, such as “ZoomBombing,” should also be considered.

How to counter it?

The first and foremost step you should take is to try and ensure that all work-related communication/collaboration is taking place on company-approved or official platforms. As the number of third-party software that interact in some way with your employees and systems increase, so does your exposure. You should also regularly keep an eye on the news for possible security incidents involving these platforms and act appropriately to protect your interests. Also, ensure that you only allow third-party tools and software with SLAs and proper compliance certifications with security standards appropriate to your risk level.

Weak Account Security

In remote environments, employees typically access company portals or enterprise applications to carry out their work or collaborate. However, with companies accessing these resources outside of the office environment, each login carries increased risk.

In the wild, the number of ways employee accounts can be compromised is almost unlimited:

  • Using unsecured home or public wifi
  • Forgetting to log out of accounts
  • The increased probability of trojans or other credential-stealing malware on personal devices
  • Weak standards for credentials/identity verification, and more

Even relatively low-level accounts can be used as a staging ground for attacks that involve escalating user privileges or social engineering to acquire sensitive information.

How to counter it?

Luckily, this is one potential risk you can do plenty about. Using single-sign on techniques across your enterprise ecosystem is one way to reduce the number of logins, dropped connections, etc. that increase the risk of exposure. Other techniques are to enforce multi-factor authentication, strong username/password combinations, multiple levels of authentication, adhering to least-privilege best practices, and proper role management.

Malicious File Sharing

Of course, file sharing is an inescapable part of working together, even in a conventional office environment. However, for many of the same reasons already explained, file sharing in remote environments carries additional risk.

Chances are higher that employees will do some (or all) of their work on unsecured home devices. Even if they are using secured, company devices, they might share the home network with other devices that are most probably not held to the same standard.

How to counter it?

The best defense here is to invest in and implement high-quality endpoint security solutions. Today, many enterprise solutions can be found on the market that use AI and machine learning to quickly and automatically identify and deal with malware. If using email clients, ensure that employees use encrypted email sending. You might also want to invest in secure file-sharing platforms that comply with regulatory standards, such as HIPAA, depending on the field you work in.

Conclusion

Remote work does have its benefits, and we all have to do our part in the face of the ongoing pandemic. However, companies need to prepare themselves for this new normal by securing their remote infrastructure and helping to prepare employees to harden their remote working environments. Assessing your current readiness and risk profile is a good place to start.

 

Sources:

Zoom Accounts Sold by Hackers on the Dark Web

Threat Spotlight: Coronavirus-related Phishing