Until just a few years ago, working in an office, five days a week was the norm for many. With that came the water cooler conversations and lunch time catch ups with colleagues with whom we’d spend most of our waking hours. Seeing the same familiar faces on a daily basis, and with set routines and clear safety policies and procedures in place, it was fairly easy to spot any deviation from the norm and anything untoward happening, says Paul Ponzeka, CTO, Abacus Group.
In today’s distributed landscape, that’s no longer the case. The fixed, clearly defined security perimeters of old have been eroded, and colleagues who once regularly rubbed shoulders may now work hundreds or even thousands of miles apart. In short, the traditional perimeters of protection are dissolving.
Capitalising on a lack of face-to-face interaction
While new working practices offer substantial benefits and opportunities for employees and employers alike, they have also been welcomed by cybercriminals. As the workforce becomes more physically disparate, the number of face-to-face interactions between employees has significantly reduced. This distance provides criminals with new opportunities to socially engineer. One example of this in practice is the sending of emails to employees purporting to be from a colleague.
In this scenario, an employee might receive an email from a colleague making an unusual request. While the email address is correct, the tone is slightly out of character – perhaps even rude. In the past, the employee would go over to their colleague’s desk to check everything was OK. Yet, as the majority of interaction between colleagues now tends to happen online, uncertainty and the benefit of the doubt could lead to the employee handing over sensitive data that falls into the hands of a phishing attacker.
Sophisticated, targeted attacks
Although often associated with email, phishing is no longer just an email security problem. Rather, it has become an increasingly sophisticated, targeted, and ruthless method of attack, affecting a growing range of communication and productivity applications and services. For instance, many of the popular cloud-based collaboration and file-sharing services being used by businesses today, such as Microsoft Teams, Slack, and Google Docs, are also being used by criminals as an initial point of penetration. This attack vector relies on implied trust: victims are familiar with the platform and access it daily, so are more likely to go through the motions and let their guard down.
There is also a growing trend of social engineering attacks in workplaces becoming more human-centric. The rise in highly effective spear phishing campaigns which target a specific person or organisation, rather than a wider audience of potential victims, is a clear sign of this. Spear phishing uses advanced social engineering techniques to craft an effective campaign based on gathered intelligence about a target, usually to steal login credentials. Once in, the attacker can access a treasure trove of sensitive data, moving undetected and undeterred until they have accomplished their objective.
It’s not just fully remote workplaces that are at risk. Hybrid workplaces – where employees divide their time between the office and home – also present potential weaknesses for criminals to exploit. Within larger businesses, in particular, it’s easy to assume that someone ‘new’ is who they say they are if you haven’t met face to face. It has also become much harder to verify a person’s identity by sight alone. Even a moving image on a video call doesn’t give the complete picture. Bad actors can – and will – play on these gaps and uncertainties.
Employee education
While it’s evident that remote working has brought with it new and increased security risks, the answer isn’t to revert back to the old ways of doing business. Instead, to ensure they can safely leverage the benefits of flexible working models, organisations need to adapt their security to their unique and changing needs.
Partnering with a trusted IT solutions and services provider can give organisations the support they need to adopt a zero-trust security framework that is not reliant on perimeter security, instead requiring each user, application, and device to individually pass an authentication test each time they access network resources. Taking this approach will ensure that a dispersed workforce can continue to work and collaborate efficiently but with the peace of mind that the person they’re engaging with is who they say they are.
Another vital piece of the puzzle is to increase cybersecurity awareness among employees, educating them on evolving security threats and essential cyber hygiene practices. As the saying goes, ‘an organisation’s cybersecurity is only as strong as its weakest employee’, therefore training employees on cybersecurity at least once a quarter and informing them of the potential impact a social engineering attack will have on the business is crucial.
By adopting these proactive and protective measures, businesses and their employees can reap the rewards of remote and flexible working, confident that social engineers are being kept at bay.
