The COVID-19 pandemic has forced millions of professionals into remote work all around the world. In so doing, it has created major opportunities for hackers. According to a recent international survey from SailPoint Technologies Holdings, Inc., a U.S.-based tech company, 48% of U.S. participants said they had been targeted with phishing emails, calls, or text messages, both personally and professionally, over the course of six months while working from home. Additionally, more than half of Europe, the Middle East and Africa (EMEA) survey responders, as well as those in Australia and New Zealand (ANZ), reported being phished during the pandemic—with 10% noticing phishing attempts at least once per week.
“In the case of phishing, hackers target employees with malicious links embedded in carefully crafted emails,” Juliette Rizkallah, CMO of SailPoint, told Security Magazine. “Upon clicking, employees unknowingly download keylogging software onto their PC providing their credentials to malicious actors. Hackers can then freely access important business assets and data, masquerading as a legitimate employee. With identity security, suspicious user behavior anomalies such as large data downloads, or after hours activity, can be quickly spotted and remediated by making users change their password or by revoking access until anomalies are analyzed and cleared.”
There are a few reasons why remote workers are coming increasingly under attack. Many (1 in 3 U.S. and half of EMEA and ANZ workers) are using their own personal devices to perform remote work. Additionally, 1 out of 4 survey participants said they had shared work passwords with third parties and/or people they knew.
Seven Cyber Security Issues Experts Should Anticipate in 2021
According to Security Magazine, there are six major focuses, risks, and considerations for cyber security experts in the new year.
- Cyber criminals will target remote workers: COVID-19 lockdowns have forced millions of workers across the world to work from home. Many employers were unprepared for the security risks, which has led roughly a quarter of organizations to pay unanticipated costs related to security breaches and malware. For example, 82%of organizations allowed employees and other stakeholders to use their own equipment, but 72% didn’t have proper malware protection.
- Organizations that rely on legacy security architecture such as VPNs will be targeted: As organizations locked down during the pandemic, many harnessed VPN technology for remote work. This puts them at risk, since hackers can easily use ransomware to exploit unpatched VPNs. As a safer alternative, over 30% of IT security teams are turning to “zero-trust,” which gives workers access to only a small number of permissions.
- With security budgets plummeting, privacy experts will turn to consolidated security solutions: In 2020, IT spending dropped almost 10%, a trend that is likely to continue next year. Organizational leaders will likely turn to platforms like secure access service edge (SASE) to consolidate their security management needs and save money.
- Security threats in health care may cost lives: With hospitals overwhelmed by an influx of COVID-19 patients, they are prime targets for hackers who know this is a perfect time to hold them ransom by disabling their computer systems. Hospitals that lack proper cyber security protections may be the perfect prey.
- The financial industry will likely see increased security breaches: While financial organizations represented just 7% of breaches in 2019, they made up 62% of leaked records. The rise of 5G technology in 2021 will give hackers an added advantage, which means the financial industry will need to consider stronger cyber security protections.
- The pandemic will speed the expansion of organizations into artificial intelligence (AI) and cloud technologies: The COVID-19 pandemic has accelerated a transition to remote work that had already been well on its way. Going into 2021, organizations will seek to better adapt cyber security solutions during this transition.
- More people will be at risk of data theft: As more people use the internet, with many more now working from home, data exposure is a greater risk than ever. To reduce risk, organizations will need to turn to new security strategies.
Improving Cyber Security in Your Organization
Having the proper tools and systems in place can prevent data breaches and cyber crimes. It’s crucial for your organization to understand the available cyber security measures to protect its data and devices. Cyber Security Tools for Today’s Environment, an online 11-course program from IEEE, helps businesses improve their security techniques.
Contact an IEEE Account Specialist today to get access to the course program for your organization.
Interested in learning about getting access to the course for yourself? Visit the IEEE Learning Network to learn more.
(20 November 2020). Cybersecurity doorways left ajar in the race to remote work. Security Magazine.
Kahol, Anurag. (10 November 2020). Seven cybersecurity predictions for 2021. Security Magazine.