October 15, 2020

Changes In The Cyber Security Threat Landscape Caused By COVID-19

Author: Andriy Lysyuk, Head of Cyber Security at Ciklum. 
Master of Science, Applied Physics, 20+ years of experience in IT and Information Security. Prior to Ciklum, he worked as an Information Security Consultant in EY Global Delivery Center and IBM Global Delivery Center. He has CISSP and CISA certifications. Andriy has experience in Information Security Management, Application Security, Network Security, and Incident Management.

It’s no secret that COVID-19 completely changed the face of 2020. From closed borders to canceled Olympics, modern life ground to a halt in the face of a newly evolving pathogen that continues to remain elusive to date. 

Citizens and companies around the world responded to the public health crisis with vigilance, committing to temporary lifestyle changes to prevent the spread of the virus at large. Abandoning skyscrapers, office parks, and other physical places of business at scale, all but the most essential workspaces were replaced with an ever-changing patchwork of Zoom calls, Slack chats, and other productivity tools that enabled employees to stay busy from a distance.  

But from weak Wi-Fi security to the pervasive spread of misinformation, COVID-19 has dramatically altered the cybersecurity threat landscape. As individuals and companies continue to live under the shadow of the coronavirus until the disease is cured and preventable, anyone tasked with interacting with technology will have to remain vigilant in the face of cyber predators seeking to take advantage of those affected by the pandemic. 

Here are some of the major changes in the cybersecurity threat landscape caused by the arrival of COVID-19:

User access policies

Because remote work technology is easy to deploy at scale, users can be quickly granted access to new solutions that make it possible to work from home. But just because an employee is working remotely doesn’t necessarily mean they’re going to be working in a particular role forever. 

Whether it’s through a promotion, a title change, or a layoff, it’s essential to make sure that proper remote access control is established throughout an organization. Multifactor authentication is one technology that helps ensure that the proper user is accessing the proper account, augmenting traditional passwords with physical devices or other additional layers of security. Policies to oversee employee onboarding and offboarding can also help prevent users from gaining or retaining access to information that should otherwise remain restricted. 

Throughout the pandemic and beyond, organizations should take concrete steps to ensure that only authorized users can use licensed applications, log into secure services, and access corporate networks. 

Personal device security

As streets around the world went empty to maintain social distance, modern technology made it possible for workers to carry out their work remotely. In what’s been described as the world’s largest work-from-home experiment, scores of workers unaccustomed to conducting business from home turned smartphones, laptops, and other personal devices into work equipment, enabling them to stay productive using common technology they already owned. 

But despite the convenience and capabilities of personal technology, remote work arrangements can present significant challenges for cybersecurity. According to the Work-from-Home (WFH) Employee Cybersecurity Threat Index, 56% of work-from-home employees are said to be using personal computers during the COVID-19 pandemic, and nearly 25% of employees are unaware of their device’s security settings. As a result, home networks have seen a significant wave of cybersecurity attacks. Personal networks are also believed to be 3.5 times more likely to contain malware when compared to corporate networks, leaving remote workers in a potentially dangerous digital scenario. 

To keep information safe, organizations must take additional care when entrusting users to use corporate-owned devices or access work networks over home internet connections. Because home networks often lack corporate-grade security, companies expecting users to work from home should be sure to incorporate greater levels of encryption, deploy VPNs, or build virtualized work environments to mitigate potential threats from an employee’s home router. 

Remote scams

Cybercriminals hoping to steal private information have long used phishing campaigns and other social engineering tricks. Falling victim to malicious links or phone calls that appear to be legitimate, unsuspecting users can find themselves caught in dangerous traps that can cause serious financial or personal harm.

Unsurprisingly, bad actors are using COVID-19 to their nefarious advantage, spreading malicious information in hopes of convincing users to give up personal or private data. New phishing campaigns disguised as correspondence from public health organizations, such as the Centers for Disease Control and Prevention (CDC) and World Health Organization (WHO), have been designed to get users to click dangerous links to legitimate-sounding websites. Sextortion campaigns, which use individual usernames and passwords obtained in a data breach to trick a user into believing damaging private information will be revealed unless a Bitcoin fee is paid, have also been threatening to infect the victim’s family members with the coronavirus.

Phishing and extortion campaigns are nothing new to the internet, but users must remain vigilant to distinguish between true and false information. In an era in which the public is dependent on critical correspondence from trusted organizations, checking the validity of a message and its sender is essential to staying safe and secure online. 

Higher security costs

Even in the best of times, running a world-class IT operation can be a complicated and costly endeavor. Managing equipment, enhancing security, and handling a revolving door of users require investments in technologies, services, and personnel to keep users productive without placing critical infrastructure at risk. 

The overnight switch to remote work policies and other business arrangements to account for COVID-19 has put businesses in a tough position. Buying and distributing laptops, building secure virtual work environments, and subscribing to online productivity tools all contribute to a higher annual IT bill, which will inevitably lead organizations to seek cost-cutting efforts to manage the unexpected jump in technology costs. 

Fortunately, many of the security technologies organizations were forced to adopt will be useful investments that greatly outlast the pandemic. Businesses have long been switching to managed services and subscription delivery models, but the urgent necessity to rethink workplace technology has greatly accelerated these trends. The same is true concerning broad approaches to cybersecurity, presenting organizations with the opportunity to fully embed DevOps and other strategies into core business practices. 

Considering the holistic view of an organization’s cybersecurity infrastructure, the unanticipated costs from the outbreak of the pandemic may ultimately help organizations speed up digital transformation projects that save serious money in the long run.
