Cybersecurity Risks Go Up with So Many Remote Workers
Moving the workflow from a secure, contained office environment to one based on potentially nonsecure, home-based networks — expanding endpoints exponentially — increases the risk that existing cybersecurity vulnerabilities may be exacerbated, or new ones occur.
And cybersecurity vulnerabilities can remain undetected for years, often coming to light only once an organization suffers a data breach, after which the damage is already done. So agencies must evaluate their ongoing work-from-home environment, and close security gaps in ways that still allow employees to be productive.
At CDW•G, we’ve stepped up the security-related conversations we have with our federal customers, especially those with remote end users who are working in a new security environment. If they were working on a secure network on a military base, we need to make sure that they’re as secure at their dining room tables as they were in the office.
The education hasn’t changed; it’s just expanded. And the kinds of attacks haven’t changed; they’ve just increased. Malicious actors know that people are working from home and may have let their guard down or have their attention more divided than ever.
Remote workers have no doubt seen an increase in the number of emails they receive in general — those conversations that took place over the top of a cubicle divider now happen electronically. In addition, e-commerce sales have jumped by 31.8 percent this year, meaning that most inboxes now also contain a host of “Your Order Has Shipped!” missives.
The malicious actors are hoping you forget you didn’t order that jigsaw puzzle, or they want you to think the message is from the director-general of the World Health Organization with a COVID-19 update (a real tactic mentioned in the CISA alert). They’ve honed their skills enough that it might take five or six read-throughs of the email before you realize it’s fake, and even then, you still might not spot it.