Just a few months ago, the scale of disruption caused by Covid-19 was almost inconceivable, writes Andy Heather, VP of the privileged access management (PAM) company Centrify.
Yet now, more than six weeks into the United Kingdom’s lockdown, much of the general public are finally beginning to adapt to the ‘new normal’ characterised by restrictions, quarantine and social distancing. Our incredible NHS is treating the sick with speed and proficiency, businesses have adapted quickly to remote working, and as a nation we are standing side-by-side.
Remote workers, who just a few weeks ago were faced with a complete shakeup of their workplace culture, should now be settling into the world of video conference calls and online processes as a matter of routine. However, it remains clear that another threat has emerged, and remained relatively unnoticed by an abundance or organisations which are still in operation:
The increasing risk of a cyber attack.
Cyber criminals are opportunistic and immoral, and unfortunately are seizing the opportunity presented by the influx of remote workers, investment in new and unsecured devices, and, perhaps most worryingly, the fears and insecurities of average people during this difficult time.
In fact, Centrify’s own research has already noted a significant rise in the number of cyber assaults facing organisations. We even found that that nearly three-quarters of business decision makers (71pc) believe that the shift to 100 per cent remote working during the Covid-19 crisis has increased the likelihood of a cyber breach, in polling conducted at the end of March.
What’s more, the polling also revealed that 46pc have already noted an increase in phishing attacks since implementing a policy of widespread remote working; business decision makers also fear that IT systems are now at increased risk, with over half (56pc) saying they believe that privileged IT admin remote access is at risk of security breach.
This is not surprising from my perspective, because cyber attacks have not only increased in quantity, they’ve also refined their targeting. Scammers are using the guise of charity, financial institutions and government schemes to lure unsuspecting victims into handing over their access credentials (such as usernames and passwords).
A recent cyber scam campaign recently saw hackers targeting remote worker with email purporting to be from HM Revenue & Customs, and regarding the government’s new Coronavirus Job Retention Scheme.
How should organisations defend themselves against this new threat?
Businesses which have enforced compulsory video training sessions for all employees must be commended, and those which haven’t should really be encouraged to do so immediately. Becoming aware of this growing threat is half the battle in ensuring employees do not fall victim to online cyber scams, and everyone (not just remote workers) must conduct online activities with a suitable level of awareness towards online threats.
Unfortunately, for a majority of businesses, training sessions won’t cut it. As previously mentioned, phishing schemes are growing in sophistication, to the point where even the most computer literate online users may confuse a scam with the real thing.
In the near future, and especially for businesses with 10 or more employees, a security breach attempt is all but inevitable. There are likely very few organisations which have not already been targeted by a cyber attack of some form since adopting a remote working model.
Furthermore, with the mass adoption of remote working, more employees than ever are using personal laptops and devices for work, and with IT budgets cut to a minimum to free up funds for Covid-19, business security is at an all time low right now in the UK.
Thus, business decision makers have no choice but to assume that malicious hackers have already gained access to their organisation. Therefore, they must introduce privileged access management (PAM) solutions and best practices to secure their critical infrastructure and sensitive data.
This involves trusting no one, authenticating every access request with secure multi-factor authentication steps, and authorising access on a ”just enough, just-in-time” basis.
What this means is that every privileged access request – whether from a human, machine or API – requires additional identifying factors to be input before a user is allowed access. This will typically require a username and password, as well as inputting a text code, a using a hardware card or key, or even using biometrics such as a fingerprint scan. Users will then be given a specific time-limit to access the applications, files or data they have requested, and only be given access to those specific assets.
In the long-term, assuming that all access points and employees have been compromised is the only way to be sure that malicious hackers can not gain access to potentially-valuable information. Surviving this incredibly difficult crisis is a feat in itself, and the last thing any organisation wants is to compound the challenge with the possibility of a severe breach of company, client or even employee data. Therefore, it’s essential that all decision makers and IT managers put the necessary cyber security measures in place, before it’s too late.
