Addressing the increase in IoT-based attacks driven by remote work

Working remotely presents major risks to organizations as employees use untrusted networks or undocumented devices to access corporate resources. IT professionals agree that cyberattacks are on the rise during the COVID-19 pandemic as employees’ surroundings leave them feeling more relaxed about security.

A recent survey revealed that 20% of US-based security professionals believe the COVID-19 environment accounted for an increase in IoT-based attacks, according to Bitdefender. Cheap smart devices connected on the same network as the corporate laptop can pose tremendous risks. A baby monitor with easy-to-guess access credentials is probably not what you want on the same network as your corporate laptop.

Specifically, security professionals saw a jump of almost 42% in IoT-based attacks, the greatest increase of any other attack vector, including supply chain, phishing and ransomware.

As more employees work from home during the pandemic — and possibly beyond — infosec professionals fear the security implications. One in three IT pros say they worry that employees are more relaxed about security issues because of their surroundings, while others say employees aren’t sticking to protocol; especially in terms of identifying and flagging suspicious activity.

A recent (ISC)2 survey found that 23% of infosec professionals said cybersecurity incidents at their organization have increased under remote work, according to Cision. Some respondents said there were twice as many incidents than before the work-from-home orders associated with the pandemic.

The implications of a work-from-home era on corporate security

A key risk related to working from home is employees’ use of untrusted networks. For example, off-the-shelf routers usually come with default authentication credentials and exposed services. Left as is, home routers can be an inviting gateway to potential attackers looking to steal corporate data, deploy malware or even spy on people.

Another risk is the use of personal messaging services for both business and personal reasons, as cited by 37% of (ISC)2 survey respondents. Despite these fears, only 14% are making it a top priority to upgrade security stacks, 12% have bought additional cybersecurity insurance and only 11% have implemented a zero-trust policy. What can organizations do to better protect themselves against the cyberthreats associated with having a remote workforce?

Some business leaders see the issues driven by the pandemic as an opportunity to improve, choosing now to tackle changes in workforce patterns and to plan for unexpected events. For example, a third of IT decision makers have taken measures to increase IT security training sessions for employees.

Improved awareness might help employees better understand exactly what IoT devices are, why they may be vulnerable and how to navigate them securely. Additionally, 23% plan to increase cooperation with key business stakeholders when defining cybersecurity policies, including how to account for IoT devices. An equal percentage will increase outsourcing of IT security expertise.

However, saying is not the same as doing. Half of the respondents in the Bitdefender survey also revealed that their organizations have no contingency plan for cyberattacks exploiting remote workers. Bitdefender researchers recently exposed a new hacking campaign that targeted home routers and changed their DNS settings to redirect victims to a website rigged to download the Oski infostealer.

Unpatched or unsecured routers become susceptible to malware and can expose credentials, opening the door for extraction of information. Phishing attacks are also on the rise, preying on people’s concerns over COVID-19. And the list goes on.

Strict security policies and trainings go a long way, but businesses must also prepare for an IoT-specific attack incident response. For example, network appliances that filter traffic are a must-have in today’s remote-connected world. Traffic filtering acts as a barrier on the employer’s side, enabling IT staff to detect if the employee has been compromised in any way. In a remote work scenario, an unwary employee with the right access privileges can pose a bigger threat than a motivated hacker.

Business leaders should consider turning their attention to vendors that can tailor behavior analytics to their company’s network traffic. It’s the best way to detect advanced attacks early and enable effective threat response.

All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.

Data Center
Data Management