Why Hackers Love the Pandemic
The novel coronavirus pandemic has been a boon for cybercriminals seeking profit amid chaos. Tanium’s special report of 1,000 chief executives and VPs revealed that 90% of enterprises surveyed experienced an increase in cyberattacks due to the pandemic and nearly all (98%) of CXOs and VPs incurred security challenges within the first two months.
Hackers were quick to exploit the fears and uncertainty of employees and the challenges companies face with a remote workforce. Cybercriminals spun up COVID-19-centered phishing attacks, spoofing the World Health Organization, the government and even COVID-19 tracker sites. Malicious actors deployed fake VPNs and acquired data from nefarious VPN providers. Employees started connecting personal devices to corporate networks and resources—devices that may not be identified or patched, making them a prime target for exploitation.
All of these factors underscore the challenges organizations face in decentralized work environments. Challenges that aren’t likely to go away anytime soon—85% of respondents believe that the negative impacts of the global pandemic will last for years to come.
But with the right strategy and focus on the distributed workforce, businesses can overcome these obstacles and establish far more efficient and secure approaches to managing their devices.
Remote Work: Under Attack
When COVID-19 hit, our survey found that it forced many organizations (93%) to stop or delay digital transformation and security projects to resource the large-scale transition to remote work. Projects involving network zoning, data governance and policy standards fell by the wayside for more than a third (35%) of those surveyed. Anti-virus and malware sandboxing (38%) were also postponed, along with identity and access management (39%).
Postponing major security initiatives made sense because businesses were in panic mode and had basic issues to solve—fast. We heard from multiple healthcare providers who urgently needed to know which doctors and other clinical professionals had operational webcams to provide remote medical assessment services, both at local locations and to distant areas lacking enough doctors. This was a task that wasn’t a priority pre-pandemic.
Now that workforces are largely remote, companies will need to adjust their mindset moving forward. Many employees don’t want to return to the office, or if they do, only for limited days each week. To manage this long-term and be responsive to the situation, enterprises will need a solution to identify all devices within the network in real-time to ensure they are properly managed. Twenty-seven percent of the CXOs and VPs we surveyed said identifying personal devices on their network is a growing problem. Forty-three percent found it difficult to get those devices patched, and 45% said they could scan and patch, but were not able to track how many devices had been patched.
Bringing Security and Flexibility to Working in the New Normal
They also need to focus on being nimble. One of the most critical components of a long-term security plan for distributed operations is network visibility—understanding what endpoints are connecting to your network, and what resources they are accessing. Businesses need to keep scanning to identify new endpoints added, no matter where employees end up—in the office, at home or on the road.
Our survey shows that organizations attempted to minimize their risks during the first two months of the pandemic. They implemented zero trust to reduce reliance on VPNs (38%) and reduced centralized IT, shifting more to the cloud (44%). These are important first steps, but it’s not all businesses should do—and many realize that.
In fact, 47% of business leaders intend to improve their patch management process as part of their cybersecurity efforts, while 48% plan to invest in endpoint management that enhances the visibility of IT assets.
Diligently Prepare for Whatever Comes Next
The pandemic has forever changed the requirements of network endpoint security. Most organizations were forced to delay important security projects at the onset, but the aftermath of COVID-19—specifically, the increase of cyberattacks—has inspired many enterprises to consider new investments to prevent future threats. One way or another, organizations must respond or face crippling consequences.
New security initiatives must be part of a broader strategy. The end goal should be to incorporate resilience into the distributed workforce to reduce attack surfaces and vulnerabilities that malicious actors might try to exploit. Organizations can accomplish this goal by gaining insight into all endpoints, knowing exactly which devices are accessing corporate networks and resources whether they are personal or company-owned. To stay ahead of the remote working environment, organizations must also have real-time communications for continuous visibility and immediate responsiveness in dealing with vulnerabilities and unpatched devices.
