The sudden growth of home working brought about by COVID-19 has raised a number of new cybersecurity concerns – ranging from insecure home networks to bad cyber-habits by staff operating outside of the office environment.
With remote working likely to become far more frequent going forward, businesses will be considering what specific actions they should be taking to adequately secure themselves. Infosecurity recently discussed this topic with Bill Conner, president and CEO of cybersecurity firm SonicWall.
“Everyone had fortified the buildings and offices, their data-centers, their apps and everything else, and once you’ve pushed all your resources to the home, all of a sudden that home network is your business network,” he explained. “The new business norm is everyone’s going to be more remote and mobile, and therefore by definition, everybody will be less secure.”
Unsurprisingly, cyber-criminals have been very quick to take advantage of the situation. While many of the tactics employed are not necessarily new, they are being utilized to a much greater degree. For example, Conner outlined how he had observed a dramatic increase in phishing and ransomware over recent months, with financial gain emerging as an increasingly important motivation as the economic damage of COVID-19 becomes apparent.
Conner commented: “Everyone’s finances have cut down, so the bad guys need more money. I liken it to a few years ago when the G20 put more sanctions on certain countries – they [cyber-criminals] turned to ransomware, Bitcoin and residual currency to fill their coffers. So I think we’re going to see more of that as it continues, but now they’ve got a new target area that can be very lucrative.”
With the risk surface hugely extended, Conner outlined the areas and types of cybersecurity technologies that should be focused upon by organizations to protect themselves; these are particularly endpoint security due to the growth of devices being used and cloud application as a result of the rise of cloud apps in recent months and, of course, VPN security. For the many organizations that will continue to be reliant on legacy apps, bringing in multi-factor identification is also critical.
“It’s really now about taking that concept of layered security and extending that to your home office”
“It’s really now about taking that concept of layered security and extending that to your home office,” he said.
SonicWall works with a vast range of organizations, including government departments, accounting firms and universities, and has found that all are in need of radically reimagining their cybersecurity model having quickly pivoted to remote working during the crisis. Conner said: “I’ve personally not talked to one that hasn’t re-engineered their business and their networks. We call it cybersecurity for the hyper-connected network era.”
Conner has also noticed the development of increasingly sophisticated malware cocktails recently that are getting better at evading detection by security software. It is partly due to this that he sees side channel attacks as becoming an avenue cyber-criminals will seek to exploit over the coming years.
“We’ve seen a remarkable increase of what I’d call sandbox evaded technology that’s going around and one of those is side channel; it’s not been weaponized yet but probably will be in the next year or two. That will go right around encryption in everything and steal either intellectual property or financial transactions,” he explained. “That’s the one I’m worried the most about because most applications and datasets are hyper-cladded, and the side channel can go right at the heart of that and you can’t re-engineer that overnight.”
Therefore, the ability to detect such threats in real-time should be a big priority for organizations, according to Conner. He discussed the SonicWall Real-Time Deep Memory Inspection technology in this context. This enables its Capture ATP product to detect and block malware that does not exhibit any malicious behavior or that hides its weaponry via encryption.
Conner added: “I think real-time memory is going to be really important because I’ve not talked to anyone in government or in other organizations who’s got a network capability that can detect that and defeat that in real time.”
Establishing the appropriate security model for the reality of modern working is undoubtedly going to be a major challenge for organizations over the coming years. Much of the discussion has so far centered around improving user awareness and behaviors, but increased investment in sophisticated security technologies has surely got to be another consequence to counter the growing range of network access points for cyber-criminals. The rise of remote working brought about by COVID-19 could therefore lead to improved cybersecurity all round in the long-term, as businesses are forced to take the issue far more seriously in light of weaknesses of this practice.
“I really believe, in the future, we will see businesses wanting to become as good as they can be,” Conner concluded.