We are currently in the midst of an unprecedented pandemic, which has resulted in lockdowns in various parts of the world. This has led to a surge in organisations letting their workforce work remotely from home. This has naturally led to a manifold increase in an organisation’s IT attack surface, and hence in the related cyber security risks. Here we discuss some of the important cyber security threats that organisations should address while enabling remote work.
# 1 Attacks on Availability of Remote Access Solutions Leading to Denial of Service
Remote access solutions like VPNs may become a high-value target of DoS attacks by hackers, since they are essential for the business continuity of remote workers. Controls: Plan for backup remote access servers which can be used during such attacks, or use a DDoS protection service.
# 2 Use of Unsecured Networks Including Insecure Wi-Fi
Remote workers may connect using insecure networks which may be compromised by hackers. Hackers may eavesdrop on network traffic or perform man-in-the-middle attacks to steal data or obtain access to the organisation’s internal network. Controls: Mandate the use of encrypted communication (encrypted VPN, SSL/TLS) between end-points and the organisation’s IT assets. Also enforce the use of multi-factor authentication. Employ an end-point security policy to disallow access when using insecure networks.
# 3 Social Engineering, Phishing and Malware Attacks
Remote workers may be at higher risk of falling for social engineering or phishing attacks because of the use of personal email. Lack of end-point security may also make remote workers’ systems susceptible to malware attacks. Controls: Regular cyber-security training and the use of end-point security solutions may help mitigate this risk to some extent.
# 4 Lack of Security Patches
Remote workers’ systems may not be up to date with current security patches, which may make the systems vulnerable to hacker attacks. Controls: End-point security solutions can mitigate this in some cases. User awareness via regular security training can be used to sensitise users to the risks of not patching systems.
# 5 Stolen Laptops / Mobiles / Disks
Lack of physical security, or use in public places, may result in remote workers’ devices being stolen. Stolen devices can be used by hackers to retrieve data or obtain remote access to the organisation’s networks or applications. Controls: Enforce or mandate the use of full-disk encryption on systems or disks used for remote work. Enable the ‘find my device’ setting on devices. Some end-point security software has the capability to remotely wipe the disk data of lost devices, which could be used if required.