Security Risks Companies Face as Workers Go Remote
In 2020, remote work quickly went from being a niche corporate decision to a sudden and large-scale shift in the way people earn their living. Before the pandemic, only 29% of the American workforce was able to work from home, according to the Bureau of Labor Statistics. However, the number increased to 1 in 4 people in August 2020.
For many companies, the abruptness of this shift has thrown their cybersecurity into disarray. While network security teams grapple with drastic changes in technology and work practices, businesses of all sizes are left vulnerable to massive security threats.
It is no secret that a data security breach can have significant ramifications, including:
- Loss of revenue
- Tarnished brand reputation
- Loss of intellectual property
- Internet-based vandalism
- Legal fines
In the spirit of raising awareness, we will discuss some of the most common network security threats associated with remote work:
1 – Common Security Threats Faced by Companies with a Remote Workforce
a) Password Sharing
Most employees share passwords with their peers to accomplish tasks quickly. According to a survey, approximately 32 million of the 95 million knowledge workers in the US are engaged in sharing passwords. This has immense implications.
Shared passwords enable hackers to walk into multiple parts of your IT network, turning an isolated cybersecurity incident into a full-fledged disaster.
Moreover, some employees may not have changed their passwords for months. This poses a huge risk to the sensitive corporate data stored on their devices. Unfortunately, there is almost no way for you to enforce responsible password habits in a remote scenario unless you use password management software.
b) VPN Attacks
With companies still working to develop their remote IT networks, many have tried to maintain business continuity by deactivating VPN restrictions. This, however, leaves the network prone to infiltrations via a brute-force attack.
In a brute-force attack, cybercriminals often resort to “credential stuffing.” In other words, they bombard a specific VPN portal with a pre-made list of authentication credentials. If any of the credential combinations work, the attacker gets immediate entry into the portal.
If the portal uses Single Sign-On (SSO), the attacker also gains access to a valid domain login. This leads to quick infiltration and an almost immediate attempt at privilege escalation.
According to ZDNet, cybercriminals are exploiting security gaps in VPN servers to infect networks with new types of ransomware, which can lead to grave repercussions, such as:
- Temporary or permanent loss of data
- Complete shutdown of corporate operations
- Financial losses (caused by stalled operations and/or remediation actions)
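The credential-stuffing pattern described above (one source trying many different accounts against the VPN portal) can be spotted in authentication logs. The following is an added example, not part of the original article: the log format, the sample lines, and the thresholds are constructed assumptions, and `detect_stuffing` is a hypothetical helper name.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample VPN portal log: ISO time, source IP, username, result.
SAMPLE_LOG = """\
2020-08-03T09:00:01 203.0.113.7 alice FAIL
2020-08-03T09:00:03 203.0.113.7 bob FAIL
2020-08-03T09:00:05 203.0.113.7 carol FAIL
2020-08-03T09:00:08 203.0.113.7 dave FAIL
2020-08-03T09:00:11 203.0.113.7 erin OK
2020-08-03T09:02:00 198.51.100.20 frank FAIL
2020-08-03T09:03:10 198.51.100.20 frank OK
"""

def parse(log_text):
    """Yield (timestamp, ip, user, ok) tuples; skip malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] not in ("OK", "FAIL"):
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        yield ts, parts[1], parts[2], parts[3] == "OK"

def detect_stuffing(log_text, min_users=4, window=timedelta(minutes=5)):
    """Flag source IPs that fail logins for >= min_users distinct accounts
    within `window` (illustrative thresholds), and list the accounts that
    IP logged in to once flagged, so they can be reset."""
    events = defaultdict(list)
    for ts, ip, user, ok in sorted(parse(log_text)):
        events[ip].append((ts, user, ok))
    findings = {}
    for ip, evs in events.items():
        start = 0
        for end, (ts, user, ok) in enumerate(evs):
            while ts - evs[start][0] > window:  # slide the window forward
                start += 1
            failed = {u for _, u, o in evs[start:end + 1] if not o}
            if len(failed) >= min_users:
                hit = findings.setdefault(ip, {"failed_users": set(), "compromised": set()})
                hit["failed_users"] |= failed
            if ok and ip in findings:
                findings[ip]["compromised"].add(user)
    return findings

if __name__ == "__main__":
    for ip, hit in detect_stuffing(SAMPLE_LOG).items():
        print(ip, sorted(hit["failed_users"]), "-> reset:", sorted(hit["compromised"]))
```

A user who mistypes their own password a few times (the second source IP in the sample) is not flagged, because the check counts distinct usernames rather than raw failures.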
c) Phishing Attacks
Phishing attacks involve a malicious person or entity posing as a legitimate source to lure users into revealing their login credentials. Hackers usually attack employees with dangerous links inserted within cleverly crafted emails.
Once the employee clicks on the link, they unknowingly download keylogging software on their PC, exposing their credentials to the perpetrator. The hacker can then masquerade as an employee, infiltrate the IT network, and steal information.
2020 saw several malicious cybercriminals leverage growing interest in COVID-19 to launch coronavirus-themed phishing scams.
Furthermore, phishing emails increased by 600% between February and March of 2020. The Centers for Disease Control and Prevention (CDC) warned citizens against government impersonation frauds and asked them to avoid opening emails from unknown senders.
d) Unsecured Personal Devices
Your company’s security infrastructure is meant to be an impenetrable fortress comprising enterprise-grade tools, firewalls, and threat-detection/resolution systems. These advantages are inaccessible to remote employees using personal devices for work.
Although certain remote working cybersecurity monitoring platforms are available, employees may not be comfortable with downloading them on their systems due to privacy concerns.
As an employer, you may find it difficult to monitor your employees’ device usage at all times. They may continue working on their personal laptops and risk your business’s cybersecurity, even if you provide them with official devices. This can lead to several issues:
- An employee working on their personal device can access any website and download any app that may contain malware or viruses. A report from BitSight suggests that home office networks are 3.5 times more vulnerable to malware than a corporate network.
- They can connect to a public Wi-Fi network, leaving their device vulnerable to hackers.
- Their devices can get lost or be stolen.
e) Fake Login Screens (Man-in-the-Middle Attacks)
A man-in-the-middle (MitM) attack is a form of breach where hackers insert themselves into the company’s communication process and intercept important data. The perpetrator can either collect the information passively or disrupt your workflow by changing messages or impersonating a co-worker. MitM attacks are not as common as malware or phishing, but they usually have a dangerous motive.
MitM attacks are a potent threat to the new remote workforce. Perpetrators often use fake login screens and authentication tokens to steal credentials from employees. They then use these credentials to enter a corporate network from their own systems.
Once they have access, they can start a Command and Control (C2) attack, infect other employee systems with malware, or move on to reconnaissance for sensitive information and data theft.
2 – How to Ensure Network Security in a Remote Environment
If your employees work from home, you should create and enforce a robust remote-work policy to minimize the security risks mentioned above. Below, we’ve listed a few network security basics that are critical to protecting a remote work environment.
a) Strong File-Sharing Policies
First and foremost, you will have to establish and practice secure file-sharing protocols. You can use cloud storage solutions to exchange confidential files. Since this process grants access only to employees with valid credentials, it is relatively secure. Also, it tracks and records the changes made to files at every step, providing you with full disclosure.
b) Provision of Official Devices
If your budget permits, consider equipping your employees with official laptops and desktops. Have your IT support team configure firewalls and antivirus/antimalware software on the devices before handing them out. This is one of the most effective ways of securing remote work operations.
c) Direct Application Access
In the Direct Application Access method, employees work within individual portals of the IT network instead of logging into the entire system. As a result, there is less risk of exposure, which in turn minimizes security breaches.
d) Encryption Software
Encryption provides businesses and remote workers with an additional layer of security against cyber threats. In case an employee’s device is stolen or misplaced, encryption can help ward off unauthorized access. Businesses can use two types of encryption for remote work:
- Advanced Encryption Standard (AES)
- End-to-End Encryption
e) Password Management Software
With features such as automated password rotation and random password generation, password-protection software can reduce the probability of cyberattacks resulting from faulty or weak passwords. Additionally, you can encourage your employees to utilize one-time-use credentials for further protection.
Conclusion
In the current decentralized corporate landscape, malicious actors constantly pose a threat to network security. Cybercriminals are bound to exploit the security gaps inherent in hastily deployed work-from-home arrangements. Since a single cybersecurity incident can have long-lasting aftereffects on business operations, it is in your best interest to take preventative measures for remote network security.
Reach out to us to learn more about the security issues that companies switching to a remote environment are struggling with.