Mitigating Ransomware and Cyber Risk in the Hybrid Workforce

March 2020 plunged the world into a state of unknown and left us grappling to adapt to something most us never thought we’d experience in our lifetime. But as humans do, we adapted. By April, about half of the world’s population was under strict lockdown, meaning more than 3.9 billion people in more than 90 countries were ordered by governments to stay home.

With little time to prepare for what was to become the ‘new normal’, companies scrambled to facilitate remote working for their employees as offices around the world shut down. Many companies already had the infrastructure in place to adapt, particularly those in the technology sector. Unfortunately, for some, their staff were not even equipped with the basics, and in the early days of the pandemic many had to rely on whatever technology was available to keep business moving. In some cases this meant working on family devices with no security protocols in place to protect corporate data.

Opportunistic cybercriminals capitalized on organizations who were plunged into this new way of working without the adequate tools in place. This is evident by the surge in cyberattacks, and in particular the volume of ransomware attacks we’ve seen this year. It’s a known fact that people will embrace what they know in times of crisis. This has certainly been true for those companies who relied on antiquated technologies to protect their networks during the pandemic.

UK businesses alone experienced an attempt to breach their systems every 45 seconds between the months of April and June, and whilst cyberattacks against organizations is certainly nothing new, the level of attacks experienced during lockdown was unprecedented. Hackers knew that many companies who pivoted quickly to embrace remote practices were unprepared and vulnerable and it has certainly been a lucrative period for them. To put it into perspective, the Netwalker ransomware  gang alone has reportedly made more than $25 million since March this year.

It has become very clear that remote work is no passing fad, it is here to stay. A recent study from the Brookings Institute has stated that at least 20% of the workforce will now work from home for the foreseeable future, and during the pandemic it estimated that about half of employed adults were working from home. Many people have found they prefer it to working in the office and employers have discovered that they can manage a disperse workforce and save money without compromising on productivity. Some organizations such as Shopify and Slack have told their employees they can work from home indefinitely, and while others will expect employees to return post pandemic, they may find they have a battle on their hands. Many, including Microsoft, plan to introduce a hybrid model, in theory facilitating the best of both worlds.

Hybrid working may well become the norm and both employers and their employees stand to benefit long term. But there are security risks that can’t be ignored for this model to be successful.  Managing hybrid workers means managing risks, such as employees using personal devices, phishing emails, malicious apps, data profiling, unauthorized data collection, data exfiltration, social engineering, insider threat, unauthorized access to data and unsecure Wi-Fi networks.

If 2020 has taught IT security leaders anything, it’s that remote workers are more vulnerable to cyberattacks and ransomware, and the tools that they thought would protect them outside the walls of the corporate environment simply didn’t in many cases.

In the last eight months we have seen no shortage of headlines about successful cyberattacks, data breaches and ransomware attacks caused by remote working. Existing technologies have proved ineffective in this new way of working, which requires a new way of thinking and a different set of tools. The days of relying on perimeter defense is simply not enough. We must assume that bad actors are going to get in (if they aren’t in already). The goal of any attack is to steal information for competitive, disruptive or monetary gain.  If we focus on preventing data exfiltration, the cyberattack cannot be successful. With the right tools in place to prevent attacks before they happen, companies and their employees can feel secure working anywhere, anytime and on any device.