Remote Work: The New Cybersecurity Threat


With 42 percent of the U.S. labor force now working from home full-time, according to a recent Stanford survey, and a record 4,000 cyberattacks reported every day, organizations are scrambling to provide consistent, reliable, and secure remote access to employees and customers.

But leaders in the cybersecurity field understand the old tools cannot keep pace with a 400% increase in cybercrime since the pandemic started. These once-reliable methods, where VPNs backhaul traffic into the data center from networks and systems that are not controlled by the organization’s IT, could open protected assets to potential malware. Other organizations, for the sake of expediency, have abandoned VPN altogether: to rapidly deploy remote access to the throngs of staff now working from home in the wave of COVID, they have exposed unprotected remote desktop services (aka RDP or Terminal Services) directly to the Internet. In either case, the risk of exposure to malware or breach is high.

As MSPs increase their resources for security, it’s important to see that these once-trusted remote access strategies are quickly becoming outdated. The research and advisory company Gartner recommends enterprises adopt a zero-trust network access (ZTNA) strategy instead. Others suggest using increased policy training, VPN, and SOC as a service to harden the system.

Phishing Still Reigns Supreme

Phishing continues to be the cash cow of cybercriminals. By improving their graphics, name recognition, and urgency, cybercriminals recognize that employees working from home can be more distracted and reactive. A Verizon Business 2020 Data Breach Investigations Report found remote workers were three times more likely to click on a phishing link and then enter their credentials than they were pre-COVID. With businesses relying on SaaS platforms this year, inherent system security gaps provided more opportunities, as well. A strained workforce and executive team mean limited opportunity to plan or create needed security training or policies.

Given the complexity of this growing problem, MSPs will see a new role in evaluating the security essentials. Through supporting their clients, and using SOC as a service, they will help educate companies about the basic threats.

The Stalker in Your Computer

Employees are increasingly unaware when they lose control of their own equipment. This is by design. As cybercriminals slip in through phishing or malware and lurk there for days or months, they secretly sneak around collecting data. In that time, sophisticated criminals creep into the systems and plan their large-scale attacks on the companies.

If C-Suite teams fail to harden the environments, they can expect a tsunami of cybercrime. Not only did the FBI’s cyber division field as many as 4,000 cyberattack reports a day, according to a recent Cision press release, but data now shows a 40% increase in unsecured remote computers.

Cyberattack Success Creates Blood in the Water

Increasingly publicized wins escalate cybercriminals’ greed. Since March, the Israeli fintech company Sapiens paid a $250,000 ransom in bitcoin after hackers threatened to shut down the company’s network, according to CNBC. Florence, Alabama, paid close to $300,000 in bitcoin after a cyberattack on its computer network in June. Torrance, California, allegedly paid the bitcoin equivalent of $700,000 after its website, email and financial system were taken over in the early spring of 2020, according to CNBC. These public, successful, and lucrative attacks are blood in the water for cyberhackers, increasing their numbers and skill.

Harden the Environment Through SOC Service, Policies, and/or ZTN

To harden the work environment, businesses are intensifying cybersecurity practices, such as tightening evaluation, limiting access, and increasingly walling off vulnerable pathways. One option is Zero Trust Network, a comprehensive strategy that requires all users, even those inside the organization’s enterprise network, to be authenticated, authorized, and continuously validated. Users are validated for security configuration and posture before being granted, or keeping, access to applications and data. Business is also changing the way it perceives users, seeing their devices and practices as inherent threats and tracking their moves.

Expert researchers such as Gartner understand the depth of this problem, saying 60% of enterprises could replace VPNs with ZTN by 2023 due to the speed of changes required and the technology that is already in place. But going forwards, as remote working becomes the new ‘normal’, even if only temporarily, ZTN provides a secure and flexible solution. And it is something organizations might investigate if other pieces, like Azure Active Directory, are already in place.

For businesses that have already migrated to Windows 10, Always On VPN is the next best alternative. This approach requires more investment than a traditional VPN server, with requirements for a Network Policy Server and Active Directory Certificate Services. But if you can get funding and surmount the technical challenges, Always On VPN is the most secure way to establish VPN connections from Windows 10 to your corporate network using native technologies. Alternatively, there are plenty of third-party products for Windows, from the likes of Cisco and Check Point, that are also worth looking at. While businesses often cannot hire a team to get the work done, working with a SOC as a service enables better value with experts who regularly search and find culprits.

Contact inSOC for more information on our cyber security solutions for MSPs and MSSPs, and how we can help you to stay one step ahead.