As
organizations re-open their offices, Check Point cautions of a “new normal”
plagued by novel phishing and social engineering exploits, resulting from
hackers leveraging remote work and dependency on Zoom.
- Survey:
75% of respondents said their offices were open again for limited numbers
of employees as lockdowns lift
- Survey:
75% of respondents said their biggest concern was an increase in
cyber-attacks, especially phishing and social engineering exploits
- Survey: 71% of
respondents reported an increase in cyber-attacks during February and
March 2020
- Coronavirus pandemic will fade, but its
cyber security effects will not
The “New Normal ”
As
offices re-open, organizations everywhere are at significant risk for cyber
crime. The primary reason behind these inevitable threats is the permanence of
remote work, which Check Point calls the “new normal”. As the lockdowns ensued,
organizations were forced to compress several years’ worth of IT changes into
just a few weeks, in order to support remote workforces. The support of remote
work required heavy reliance on the cloud, as well as online collaborations
tools, such as Zoom. Consequently, the rapid changes exponentially grew the
attack surfaces for hackers to exploit. To better understand the situation,
Check Point conducted a survey on 270 IT and security professionals to learn
priorities and concerns as their offices explore re-opening.
The “New Normal ”
Has Begun
In
the survey, 75% of respondents said their offices were open again for limited
numbers of employees as lockdowns lift. On average, staff are still
working 4 days out of 5 at home, meaning remote-working vulnerabilities and
threats will are here to stay.
Fear Over The Next, Big Cyber Attack
Over
75% of respondents said their biggest concern was an increase in cyber-attacks,
especially phishing and social engineering exploits. 51% said that attacks on
unmanaged home endpoints was a concern, followed by attacks against employee
mobile devices (33%).
Top Cyber Crimes To Watch Out For
1.Social engineered cyber attacks exploiting fear,
uncertainty and doubt. Demand
for information on the new virus, accompanied by fear, confusion and even the
boredom of confinement, has multiplied opportunities for cybercriminals to
deliver malware, ransomware and phishing scams.
2.Cloud cyber-crime. Many Infosec and DevOps teams rushing to the
cloud did not scale their cloud security postures to the level of their
traditional data centers. This gap, in simple words, presents a dangerous
opportunity to hackers.
3.Phishing exploits on employees working from home. Employees are now their own CISO – with
the drastic shift to allow work from home, we face a reality where our living
room is now part of the company’s perimeter. Every company now needs to rely
more on each one of its employees to guard its data and critical network
credentials.
Cyber Crime During the
Coronavirus Pandemic
In April, a separate survey
by Check Point showed that organizations were being hit by a ‘perfect
storm’ of increased cyber-attacks, while having to manage the massive and rapid
changes to their networks and employee working practices during the
pandemic. 71% of respondents reported an increase in cyber-attacks during
February and March 2020, and 95% said they faced added IT security challenges
with provision of large-scale remote access for employees, as well as managing
shadow IT usage.
How to Protect Yourself as Offices Re-Open
A. Real time
prevention. As we all know,
vaccination is better than treatment. The same goes in cyber security.
Real-time prevention of threats, before they can infiltrate the network, is the
key to blocking future attacks. 79% of respondents to our new survey said their
main priority is tightening their network security and focusing on attack
prevention.
B. Secure your
everything. Every part in the
chain matters. The “new normal” requires organizations to revisit and check the
security level and relevance of their network’s infrastructures, processes,
compliance of connected mobile and PC devices, IoT etc. The increased use of
the cloud means an increased level of security, especially in technologies that
secure workloads, containers and serverless applications on multi and hybrid
cloud environments.
Boost visibility. So
many changes in the company’s infrastructure present a unique opportunity to
check your security investments. Did we miss a blind spot? The highest
level of visibility, reached through consolidation, will guarantee the best
effectiveness.