22 April 2020

Covid-19: Teleworking and Cybersecurity, in

Today, we live in an unimaginable world, technologically, for our predecessors, and we are evolving daily at a frantic pace that contributes to more and more Iot-linked devices. However, the question that many should ask, but which is sometimes forgotten, is: How secure is this connection?

It is undeniable that society depends on technology. Every day more and more users connect online, sharing their data with consent, but not understanding what they are sharing. A study published in February shows that in January 2020, 4.5 billion people accessed the Internet, representing 59% of the world’s population. Thus, concern does not arise for many people who use their devices connected to the Internet, but for people with malicious intentions.

In March, we were all forced to adopt a remote labor regime, due to the global pandemic, of which much is still unknown. And turning a physical space into a remote space is never easy, regardless of the level of preparation, there are always setbacks that make this whole process difficult. It is essential that organizations always bear in mind that moving the office to the home of each employee can open the doors to vulnerabilities in our cybersecurity.

In this sense, how can we, then, trust the devices that connect daily to our network from numerous locations? How can we ensure that we know who is on the other side? Is it safe to share sensitive company information? The best approach organizations should take in addressing these risks is to use the basic triangle of Security - Confidentiality, Integrity and Availability - and looking at threats, checks and their effectiveness to have a sense of how the cyber risk has changed with this new situation.

These concerns are by no means unfounded currently. Due to COVID-19, the volume of cyber-attacks is the largest ever seen, according to CTI League data. In Portugal, we are very aware of phishing attempts, through fake emails, websites and SMS that claim to be a credible entity like WHO or UNICEF, to obtain the most sensitive data of each one. However, this reality and this obligation to alert the population of possible attacks and situations that could expose them, does not belong only to Portugal, but also to all countries in the world.

However, companies, unfortunately, also do not escape these attacks and, today, the vulnerabilities are increased considering the situation that the country is currently experiencing. Employees are connected to unprotected networks, it is enough for someone on that network to let in malware for access to be blocked. In 2019, 24 cases of ransomware were notified to Portuguese companies, companies that operated in a protected environment. Thus, taking into account that attempts are often made in a protected environment, it is natural that the concern is increased, in the current scenario, when companies currently have all their employees working in networks, mostly unprotected.

Given this context, it is essential that there is clear and direct communication and that the most appropriate tools are indicated to be used in order to ensure the safety of remote work. It is also necessary to inform our employees of the various ways they can be the cyber-attack victim, explain which channels are safe to use, what information can be shared and how to report any suspected cyber-attack. Devices must also be formatted with tools such as encrypted VPNs, various levels of authentication, malware blocking, malicious URLs and phishing attempts in order to guarantee a safe navigation and connection to the corporate network.

For example, one of the ways for companies to overcome and win this new form of "war" against the growing number of attacks they may have is to automate as much as possible all the functions that professionals perform, whether defense or Red / Blue Team attack; analyze the information that results from this automation process; pass, whenever possible, this analysis to Artificial Intelligence or Machine Learning, analyzing this same information and automating new processes.

We must protect ourselves, today more than ever. It is an indisputable fact. At the beginning of this transition to remote, the main concern of the IT teams was to ensure that the systems of each company worked 100% so that the work did not stagnate, now it is urgent that they focus on the importance of cybersecurity. Investing in the protection of our data is never too much, we have to inform and be informed. Just a click on the wrong site can let a cyberattacked into our private network.

*Published in

Remote work, cyber security