OK, I told myself that I was not going to write about the Coronavirus this weekend, as I have tried to remain unplugged from all of the news headlines. But I couldn’t resist. As I was perusing the Cyber news headlines this morning, I came across an article that did a really good job giving a pretty detailed overview of the new challenges of what it will be like for employees to work from home for the next few weeks, or even month.
Now, for those employees that are used to working remotely, this should not be too much of a problem or a headache. They were probably issued company devices, which had all of the security protocols installed onto them, and these kinds of employees understand the (well, we hope) the importance of logging in securely, and not using a Public Wi-Fi or using your own personal device to do your daily job tasks.
The challenge now comes for those people who have really never experienced working remotely. Rather than coming into the office every day, they will now have to work home, and abide by a whole new set of policies and procedures that they are not accustomed to.
This includes not only the American workforce, but for the most part, the entire population. In this regard, one group of people who will have a hard time are the college students who will now have to study from home.
In other words, while the new buzzword that has been coined up which is that of “Social Distancing”, may prove to have its benefits in the short term by preventing a bigger catastrophe of the Coronavirus, its long term effects to the human psyche are still not known. We are a society that heavily depends upon human interaction, and at a very close range.
But from the Cybersecurity standpoint, here is what is potentially at risk:
*The attack surface for the Cyberattacker has just increased probably by well over 1,000%. This means that everybody is now at a much a greater chance of becoming a victim, because rather than working from workstations and devices that were fortified, employees will be working now (for the short term) behind brand new devices in which the security measures deployed onto them will more than likely be poorly installed, due to the haste of making them work from home.
*The Cyberattacker now will not be using the traditional Phishing Emails in order to lure victims in to downloading a malicious document or clicking onto a spoofed link. Given all of the hysteria, anxiety, fear, and panic that the Coronavirus has brought on, the Cyberattacker is now going to use the principles of Social Engineering to capitalize upon all of this and explode these emotions even further. The perfect example of this is sending out Phishing style Emails, text messages, and even phone calls telling people how to download more information about the Coronavirus and how to stay safe. But truth to be told, the victim will just be steered towards a spoofed website, in which they will be tricked into submitting their Personal Identifiable Information (PII).
*Using the process of IP filtering, the Cyberattacker is now in a much greater position to gauge those employees who are working from home when they have traditionally worked in an office-based setting. For example, the business will have its own ranges of IP addresses, and the since these employees will now be working remotely, they will more than likely be logging into the corporate network via their home Internet connection. This in itself uses its own range of IP addresses. By comparing these two ranges, the Cyberattacker will now be able to ascertain with greater ease those employees who have just started to work remotely. As a result, they will now become the prime target for the deployment of Malware, Spyware, being directed to spoofed up websites, etc.
*It is not just the new remote employee that will be at risk. The businesses that will be sending these employees home will be doing everything in a haste and will probably not give these employees all of the tools that they need in order to securely login. The Cyberattacker is aware of this and will also purposely look for holes in the network communications between the remote device and the corporate server and use those as a backdoor in order to covertly make their grand entrance into the IT/Network infrastructure of the business.
*A phenomenon known as “Device Sprawl” will now start to proliferate in large magnitudes. This simply means that many more employees will now be telecommuting, more than even before. Because of this remoteness, the IT Security teams of businesses will basically lose complete control of the security environment in which the employees will now be working in. This means that rather than using the company issued devices, the employees may find a comfort factor in using those devices that they know already – such as their own personal Smartphones, laptops, etc. This translates into the fact sensitive corporate information and data will now be at total risk of being hijacked. Maintaining a regular schedule of deploying software upgrades and patches and maintaining the proper amounts of endpoint security is essentially now thrown out of the window.
*Those businesses that are involved in the regulated industries, such as the legal, financial trading, insurance (which includes things like medical and life) traditionally have used legacy based computer systems in order for the employees to conduct their daily job tasks. Now the challenge is how are you going to make a legacy system into one in which employee can work remotely in a secure manner? The answer to this is that it is close to impossible given the short time frames that businesses have make this particular transition, because whatever devices employees are given to work from home must meet industry regulations and compliance laws.
*Those businesses and organizations that make use of proprietary software for employees to conduct their daily job tasks will require sophisticated levels of customization in order for the to work remotely in a secure manner. This will of course take a lot of time to do properly, and this is something that most entities do not have luxury of possessing.
*The chances of “Bring Your Own Device” or “BYOD” will more than likely erupt to levels that have never been seen before. For example, if an employee gets stuck somewhere, they most likely will not have their company issued device to work while they are waiting to get unstuck. Rather, they will be using their own personal device in order to do job tasks and communicate with their coworkers and managers, in fears so that they will not lose their job. Of course, all of these transmissions will be done over insecure lines of network communications, thus expanding the attack surface just that much more.
My Thoughts On This
Under normal circumstances, working remotely is not too much of a security issue. The reason for this is that the business has the time to prep the equipment install needed security protocols and applications, and to also train the employee in how to properly login remotely as well. But given the circumstances that the United States and the rest of the world is dealing with right now, the time is not just there.
All that can be done is to prepare these new devices as quickly as possible, and hope that the employee will be as Cybersecurity conscience as possible. But this may also be hard to accomplish, given all of the stresses that everybody is currently under.
But all of this scores one extremely important that the Cybersecurity Industry has been preaching to Corporate America: The need for a solid Incident Response/Business Continuity/Disaster Recovery Plan. Many companies in Corporate America still do not have this.
Just imagine if a business had all of this in place before the impacts of the Coronavirus hit. Making the transition to a remote work environment for the short term would have been a much easier and almost non-nightmarish event to occur.
But this will actually be a huge boon to those Cybersecurity companies that specialize in consulting in these areas and writing these kinds of plans. Hope they take advantage of it, for a lack of better terminology.
But this new trend that is occurring also spells out one more thing: The need to move to the Cloud. All of those pieces of hardware that you would normally configure quickly right now can be done with just a few clicks of the mouse if most of your IT/Network infrastructure were to have been on a Cloud based platform.
For example, you can create Virtual Workstations, Virtual Servers, and make all of your company specific applications available so that your employees can access them securely from anywhere and anytime where they may in the world. As a result, remote working would just be a seamless process, with no second thoughts given, for the most part.
In other words, the Cloud offers great benefits in hosting your entire IT/Network infrastructure. If you are currently not in the Cloud, consider strongly the use of either the Amazon Web Services (AWS) or Microsoft Azure.