Imminent Cyber Crime As Offices Re-Open

As organizations re-open their offices, Check Point cautions of a “new normal” plagued by novel phishing and social engineering exploits, resulting from hackers leveraging remote work and dependency on Zoom.

• Survey: 75% of respondents said their offices were open again for limited numbers of employees as lockdowns lift

• Survey: 75% of respondents said their biggest concern was an increase in cyber-attacks, especially phishing and social engineering exploits

• Survey: 71% of respondents reported an increase in cyber-attacks during February and March 2020

• Coronavirus pandemic will fade, but its cyber security effects will not

The “New Normal”

As offices re-open, organizations everywhere are at significant risk for cyber crime. The primary reason behind these inevitable threats is the permanence of remote work, which Check Point calls the “new normal”. As the lockdowns ensued, organizations were forced to compress several years’ worth of IT changes into just a few weeks, in order to support remote workforces. The support of remote work required heavy reliance on the cloud, as well as online collaborations tools, such as Zoom. Consequently, the rapid changes exponentially grew the attack surfaces for hackers to exploit. To better understand the situation, Check Point conducted a survey on 270 IT and security professionals to learn priorities and concerns as their offices explore re-opening.

The “New Normal” Has Begun

In the survey, 75% of respondents said their offices were open again for limited numbers of employees as lockdowns lift.  On average, staff are still working 4 days out of 5 at home, meaning remote-working vulnerabilities and threats will are here to stay.

Fear Over The Next, Big Cyber Attack

Over 75% of respondents said their biggest concern was an increase in cyber-attacks, especially phishing and social engineering exploits. 51% said that attacks on unmanaged home endpoints was a concern, followed by attacks against employee mobile devices (33%).

Top Cyber Crimes To Watch Out For

1.Social engineered cyber attacks exploiting fear, uncertainty and doubt. Demand for information on the new virus, accompanied by fear, confusion and even the boredom of confinement, has multiplied opportunities for cybercriminals to deliver malware, ransomware and phishing scams.

2.Cloud cyber-crime. Many Infosec and DevOps teams rushing to the cloud did not scale their cloud security postures to the level of their traditional data centers. This gap, in simple words, presents a dangerous opportunity to hackers.

3.Phishing exploits on employees working from home.  Employees are now their own CISO – with the drastic shift to allow work from home, we face a reality where our living room is now part of the company’s perimeter. Every company now needs to rely more on each one of its employees to guard its data and critical network credentials.

Cyber Crime During the Coronavirus Pandemic

In April, a separate survey by Check Point showed that organizations were being hit by a ‘perfect storm’ of increased cyber-attacks, while having to manage the massive and rapid changes to their networks and employee working practices during the pandemic.  71% of respondents reported an increase in cyber-attacks during February and March 2020, and 95% said they faced added IT security challenges with provision of large-scale remote access for employees, as well as managing shadow IT usage.

How to Protect Yourself as Offices Re-Open

A. Real time prevention. As we all know, vaccination is better than treatment. The same goes in cyber security. Real-time prevention of threats, before they can infiltrate the network, is the key to blocking future attacks. 79% of respondents to our new survey said their main priority is tightening their network security and focusing on attack prevention.

B.  Secure your everything. Every part in the chain matters. The “new normal” requires organizations to revisit and check the security level and relevance of their network’s infrastructures, processes, compliance of connected mobile and PC devices, IoT etc. The increased use of the cloud means an increased level of security, especially in technologies that secure workloads, containers and serverless applications on multi and hybrid cloud environments.

Boost visibility. So many changes in the company’s infrastructure present a unique opportunity to check your security investments. Did we miss a blind spot?  The highest level of visibility, reached through consolidation, will guarantee the best effectiveness.