How to Strengthen Cybersecurity in a Remote Work Environment

A Major Challenge in Telecommuting Circumstances

Remote work gained more traction with the coronavirus pandemic. For professionals, the issue of cybersecurity has become a major challenge. Protecting and securing employees, data and devices outside of the physical boundaries of the business becomes imperative. This is equally valid in a context of pure or hybrid remote work.

Cybercriminals take advantage of current circumstances which seem to offer them more possibilities. They target remote workers with phishing campaigns, malware and other threats. They actively seek to compromise remote desktop accounts in order to gain control of servers and networks. And they're looking for personal devices that might escape corporate protection.

Teleworking and Cybersecurity: The State of Affairs

Recent studies show the desire of companies to keep working from home, or even to adopt this way of doing things permanently. Others want to maintain the flexibility put in place during the pandemic. Some companies hire for remote positions and keep employees who have moved to a different location.

But faced with this new mode of operating, experts note some sharp deficiencies in cybersecurity. And yet, the more teleworking develops, the more back doors multiply for hackers thanks to the proliferation of connected devices. In turn, corporate control over data is diminishing.

Cybersecurity has become a major challenge with the Covid-19 pandemic There was a 64% increase in phishing and ransom attempts. This is because hackers have created new phishing lures around COVID-19 themes. They have adapted traditional decoys by seeking to take advantage of remote workers.

The remediation time for critical vulnerabilities has increased by 40 days. The combination of a higher volume of Common Vulnerabilities and Exposures (CVEs), more critical CVEs, and the emergence of a remote workforce has significantly slowed remediation programs in many organizations.

The use of unsecured Wi-Fi has increased by over 240%. Remote workers who connect to open and insecure Wi-Fi networks outside of their office or home now face increased risks of malware exposure, credential theft and hijacking browsing session.

How to Strengthen Cybersecurity:

The first step is to understand what teleworkers do with their data . Then a new, safer and more effective security standard should be put in place. Experts recommend securing remote devices and points of entry.

Overall, integrate this protection into a unified strategy. The aim should be to create a single, integrated security framework to simplify management and increase visibility and control. To do this, the first step should be to create the right company policy.

Content storage should be allowed only in the cloud. You need to use cloud or web storage software that allows documents to be shared and edited. Businesses also need to strengthen endpoint security through two-factor authentication. This adds a second layer of security when logging into important applications. If an employee uses with a simple password to secure access to his account, hackers can easily find this password and use it.

This is especially dangerous if the password is already in use on other websites, as data leaks have increased over the past few years. If your password has been exposed in a data breach, anyone can find it on the Dark Web and use it to access your other accounts using the same credentials...

Connections to the corporate network must be made through a virtual private network (VPN), which uses either Secure Sockets Layer (SSL) or Internet Protocol Security (IPsec) to encrypt communications from the remote worker's computer. This helps protect both the end user and the business environment, ensuring that no one can decipher sensitive data traffic. Finally, it is necessary to adopt an emergency risk management plan.

Telework: Zoom, Microsoft Teams, Google Classroom Attract Hackers

Another risk inherent in teleworking is linked to counterfeit websites and software dedicated to this practice. So while the Zoom video conferencing app has exploded in popularity since the lockdown began, criminals are registering hundreds of Zoom-related domain names for malicious purposes.

This is hardly a surprise, since hackers routinely exploit trends to orchestrate their campaigns. For example, a lot of coronavirus-themed malware has been detected recently.

Thus, since the beginning of the year, 1,700 domain names containing the word "Zoom" have been registered, 25% of which last week. Among them, 4% had suspicious characteristics.

Check Point researchers have also discovered malicious files using a "zoom-us-zoom _ ##########. Exe" name scheme. Once executed, an InstallCore installer is launched and attempts to install unwanted third-party applications or malware.

This potentially malicious application was also detected in the Microsoft Teams installer, which has also seen a massive uptick in adoption since the start of the crisis. Also according to the researchers at Check Point, the hackers try to exploit users of Google Classroom and Microsoft Teams by producing counterfeits of these platforms.

According to other researchers, Zoom users have also been infected with the Neshta malware that can collect data on installed applications, running programs or email accounts. It is currently unknown whether these users already had this virus and infected their Zoom clients, or whether they downloaded an already infected version of the software from a malicious website.