Speculation increases as Coronavirus and cybersecurity attacks go hand-in-hand
Hackers are having virtual field days as they increase their efforts to compromise security systems of people and businesses. Because the Coronavirus pandemic has forced many indoors, it’s increased online activity by a good chunk. Things like remote-working solutions are also up, and it creates a plethora of entry points for the savvy third-party. Whether with phishing, malware, or brute force hacking, the black market of the digital world is taking advantage.
To some, this translates to one of – if not the biggest – cyberattack in history. Steven McBride of Forbes is making such a claim, predicting in about six months we’ll see a catastrophic event unfold in the cyber world. So why is that?
Steven first educates us on the “nature” of cybersecurity. Imagine breaking into different buildings, he says. A bunker and a mansion. A bunker has one door, and one entry point. A mansion has dozens, like windows, the backyard, the front door, etc. It’s a great metaphor that captures the idea of network security pretty well. When a company introduces new devices and connections, every one of those is a “window” for a hacker to break through, versus the bunker, which has only one easily defensible entry point.
But according to Steven, it’s the forced “working from home” which is lighting the fuse to the eventual cyber-disaster dynamite. Why’s that?
Working from home made a “digital skyscraper“
In other words, attack vectors increased rapidly. Now, as Steven describes, millions of Americans are working from home with their devices. Companies didn’t have time to enforce strict at-home guidelines, nor did they have time to provide secure equipment to keep their information under lock-and-key.
What deters attackers, you see, is complications. The more steps are required to access an account or hijack a login, the less success a third-party has. From two-factor authentication to encryption, there are plenty of ways to add layers and layers of powerful security. The problem is, these remote working solutions don’t have them.
As Steven continues to say – painting an even more horrific scenario – is that many at-home workers are probably using their personal devices for work.
Problems that start at home
It’s hard to emphasize just how dangerous this is to both the worker and businesses. Hacker attacks and malware are on the rise, ready to prey like electric-vultures on whatever they can find. Now, many at home are relying on their own personal security rather than the business methods. That’s. . . not good.
We’re going to have a frank and honest discussion: the modern world is pathetically underprepared and unprotected regarding cybersecurity. It is astonishing how unsafe modern digital environments are.
It’s not all the fault of people. Combined with devastating social-engineering methods, absolutely destructive forms of ransomware, and dangerous, savvy hackers, it’s a digital warzone out there. Unfortunately, not everyone is a soldier. For those hackers, they’ve got their pick of valuable data to steal from.
Think of it this way: a single individual device contains all sorts of personal information, ranging from names/addresses to login info for bank apps or the like. But a single personal device isn’t the only vulnerability. Remember, each app has a security function too. What if a certain app or software is out of date or doesn’t have rigorous protections in place? What if a worker’s PC isn’t running the latest OS version? Not only do you have a “skyscraper,” dozens of those windows are now cracked and easier to get into. It’s like trying to secure the entrance of a building with a lock that only works sometimes.
The escalating problem
Remote workers connecting to business networks with their insecure devices now creates weak entry points malicious actors can take advantage of. Depending on the methods employed, these third parties only need one entry-point to exploit. Once they gain access to a business network, they can wreak havoc, steal valuable employee and customer information, deploy malware, and interfere with services.
So why does Stephen think we’re headed towards the biggest attack modern cybersecurity has ever seen? After all, breaches are (unfortunately) common. His reasoning is that in recent months, attackers have gone after bigger targets. Not just businesses and companies, but infrastructure as well. According to CYFIRMA, malware attacks against health-related organizations increased by roughly 600%. If that’s the case – or so Steven asserts – we’re looking at a ticking time bomb, one primed to go off on bigger infrastructure.
For profit
Steven goes on to assert these attacks coincide with the rise in cyber-stock, aka cybersecurity firms benefitting from cyber-disasters. They follow a pattern of striking when companies are most susceptible, which is now. Will that pattern repeat? It’s certainly familiar territory.
Our thoughts
There are some salient points here. Companies are absolutely at much higher risk with the seeding of remote workers. Entry points have greatly increased and malicious actors are absolutely looking to take advantage.
As far as one of the biggest cyber breaches in history – if not the biggest – well, there’s certainly firmer ground to stand on. We can reasonably expect a higher frequency of attacks, but whether that’s the largest in history remains to be seen.
Protecting yourself
The one factor that might throw a wrench in this prediction is the introduction of firmer cybersecurity policies. Six months is a long time, and it’s unlikely companies will just sit idle and allow these threats to escalate freely. From implementing 2FA to created layered networks, or rigging improved security policies, a lot can be done in half a year.
If you’re a remote worker or want to increase your cybersecurity in general, now’s the time. Consider the following:
- Implement two-factor authentication on your company devices
- Make sure all relevant apps and software are updated to their latest version
- Have your Operating System at the latest version
- Work off a business device or work-sanctioned station versus personal computer/device
- Have anti-virus software and monitoring enabled
- Utilize VPN services or a zero-trust networking tool
If you’re still experiencing problems, want to improve security, or need additional resources, feel free to contact us at Bytagig.
