By Mark Skelton, Vice President and CTO at CANCOM UK&I
The past 12 months have been highly challenging for businesses across the globe. Whilst business leaders have focussed on the struggle to maintain income levels during national lockdowns, the marked increase in the number and frequency of cybersecurity attacks is a new challenge that cannot be ignored.
It seems that just as swiftly as businesses switched employees to a home-working dynamic, so cybercriminals switched their attack vectors. Having employees working from home in unprecedented numbers quickly became a gateway to new forms of data theft and at levels previously unseen. In fact, recent research has showed that 63% of CISOs have observed an increase in the number of cyberattacks.
The path of least resistance
During lockdown, CANCOM’s cybersecurity researchers tracked a significant increase in phishing scams that were targeted at customers. The team also saw an increase in Remote Desktop Protocol (RDP) server scans attempting to break into environments through the path of least resistance, by attacking areas that did not have robust security defences. In addition, CANCOM observed an increase in attacks using open-source tools to find vulnerable Internet of Things (IoT) devices found in home offices that would be ripe for attack.
Some of the problems around remote working security can be attributed to rushed IT deployments at the start of the pandemic. These were quickly installed to plug gaps in remote working capability and were not fit for purpose long-term. 85% of CISOs have even admitted that they sacrificed cybersecurity to quickly set up employees to work remotely.
CANCOM researchers found several misconfigured web applications that were in danger of being exploited, such as a ticketing system used by a big IT firm that had been mistakenly misconfigured and could have been used to deliver emails laced with malware. The team also found 29 subdomains that were deemed vulnerable for malicious intent if discovered. The subdomains were across various industries from large automotive manufacturers to multi-national investment firms. Should the vulnerabilities have been exploited before they were found, this could have led to the theft of sensitive customer data.
Teams pushed to their limits
In the age of digital transformation, IT and cyber resilience is the foundation of a company’s future viability. However, with the threat of cybercrime increasing across every sector during the pandemic, IT departments are being pushed to their limits amidst a growing skills gap – which is plaguing 78% of managers worldwide. In fact, recent research suggests that these teams are, on average, 40% smaller than required, with the ratio of technical support staff to general employees now at a paltry 1:136.
Put simply, IT teams today are being asked to do more, with less. They are time-poor and understaffed, yet expected to constantly monitor the latest security threats and be ready to act at a moment’s notice in the event of a breach. Plus, they face a confusing web of complicated data protection regulations that can change from country to country. Not to put too fine a point on it, modern IT security requirements are pushing teams – especially those in SMEs – to breaking point.
The reality is that very few businesses have the internal bandwidth and expertise today to undertake 24/7 attack monitoring and protection themselves. Luckily, help is at hand. Outsourced Security Operations Centres (SOCs) help businesses achieve comprehensive cyber protection in the face of unprecedented demand. They can either work completely autonomously or hand-in-hand with the business’ existing IT department.
There is no silver bullet
Companies of all sizes are vulnerable to attack, but there is no one-size-fits-all solution to protect today’s hybrid working environments. As with every IT investment, it is best to embed security in the foundations, by design – but include your team in the process.
It is important that organisations do not stand still. Once a new cyber defence has been deployed, it is then crucial to regularly check that it remains effective. And remember – you are not alone. In these increasingly challenging times, and under the increased pressure of having to secure today’s home workers, it is often no longer economical for IT teams to cover their entire technology stack themselves. Savvy organisations are, therefore, embedding flexibility in their armoury and leaning on the expertise of a managed services providers as required.
Taking time to pause
The past year has significantly redefined the workplace. Home working has brought a myriad of benefits, so much so that most employees don’t want to go back to the office full time even when it’s safe to do so. Therefore, it’s crucial that businesses ensure that office and home working exist in perfect harmony, by investing widely in the right tools and equipping IT teams with the means to protect the business and the staff within. It is a case of remaining one step ahead. It is a case of making good cybersecurity intrinsic throughout the entire organisation – from top to bottom.