Throughout history, humans have been attacked by epidemics. As with previous plagues, Covid- 19 is inflicting harm on both our morale and physical well-being and has resulted in significant economic and social upheavals. Despite this, our new business model has enabled us to rise to face the new challenge.
We live in an interconnected global economy and we rely heavily on technology. In past years, business has increased its use of collaborative tools via the internet and has embraced the smart working philosophy. For any who had not already done so, this worldwide crisis has required a quick shift from office-based to home-working: an inability to adapt means failure.
However, rushing into a solution without a proper security assessments and transition could be catastrophic.Confidentiality, integrity, and availability must be ensured through a security maturity model which is sufficiently equipped for the current cyber threat landscape. This can be easier said than done - since the beginning of the Covid-19 crisis, cybercriminals have increased their activity in recognition of greater possibilities for exploiting technical and behavioural weaknesses.
A few days ago Europol published a report which confirmed a significant increase in attacks through phishing and ransomware and their analysis illustrates how hackers are profiting from this epidemic (Europol, 2020). This is just the beginning - United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) have issued the following statement: “Both APT groups and cybercriminals are likely to continue to exploit the Covid-19 pandemic over the coming weeks and months” (CISA, 2020).
Some of the key questions for consideration are:How could we securely adapt our work habit and guarantee we meet the new business requirements? Does the current Covid-19 crisis increase the risk exposure of insider threat? In order to support organisations to keep workers healthy and productive, information assurance practitioners are faced with new challenges and must deliver a further layer of security in order to prevent possible attacks or damage.
This includes protection from outside but also from inside the organisation.As asserted in previous literature, when we examine cybercrime, we often underrate the risks of the internal threat. “Insiders present a significant risk to organisations and, even if they were not the most common source of attacks in last years, they were the most expensive and difficult to recover from” (Mazzarolo and Jurcut 2020).
A work-from-home environment pushes the defence line outside of the organisation. Setting up remote working services could pose a potential security risk when combined with possible human-error-enabled security failures. Threatscape: Observing the attack surface during Covid-19 Crises can expose both good and bad traits amongst a population. There has been an increase in hostile acts from criminal organisations, states and state-backed actors hunting for opportunities to exploit the public health crisis.
At the beginning of March, the main target may have been individuals but in recent weeks sights have been set wider and include the healthcare sector, governments, and other industries. As examples of offensive and aggressive acts we could list: darknet marketplaces distributing illicit goods and services (Covid-19 related products), phishing, scam, ransomware, disinformation, DDOS, exploitation of collaboration tools, malicious domain registration (probably used for further criminal operation such as phishing), as well as direct attacks against hospitals or major agencies including the Department of Health and Human Services (HHS) and the World Health Organization (WHO).
On the 4th April 2020, Interpol released a bulletin stating that they are monitoring the situation in partnership with industry to provide support to organisations that have been targeted by ransomware (Interpol, 2020). Additionally, the FBI declared in its last public service announcement that cyber threat actors are exploiting virtual environments: “As of March 30 2020, The FBI's Internet Crime Complaint Centre (IC3) has received and reviewed than 1,200 complaints related to Covid-19 scams” (FBI, 2020).
Working from home: A different challengeIf not correctly assessed and addressed, remote working could represent a real Achilles heel for all businesses. Not all agencies, organisations, governments, industries, or academies are technologically ready to adapt their job model to embrace remote working. Executive under time pressure might not offer the most secure solutions and, regrettably, security is often put on the back burner when compared to productivity. Organisations should take into consideration the following challenges, to guarantee a secure and balanced remote working:
Remote Working Recommendations: Insider threat less risk approach
To successfully secure remote businesses, security managers should be aware of new threats seeking to profit from this public health crises. Different security firms have provided Covid-19 cyber security situational awareness materials. This permits organisations to have a situational perspective of the risk landscape and to offer countermeasures against existing challenges. It particularly highlights protection of the most sensitive data and business applications, specifically referring organisations to:
Covid-19 has imposed restrictions across many countries. Everybody has been required to adjust their way of life and to stay at home, limiting exposure to other people. The result is that more businesses are asking their employees to work from home. Overall, this has not changed our day- to-day tasks, but required us to perform them from a different environment. Even though this solution has been viewed positively from the end user side, it has introducing a range of unique challenges for security.
The current crisis has increased risk exposure of insider threats, and individuals are a potential weak factor in preserving security. This is why hackers develop increasingly complex methods in order to target workers, where even the most experienced employee may be tricked into releasing confidential data. To make matters worse, employees could boost incident rates through eagerness to prove their effectiveness working from home by bypassing policy or operating under less restricted parameters.
In order to strongly adapt our organisation, business leaders have a heightened responsibility to set clear expectations about how their corporations are managing security risk in new work environments, leveraging or re-adapting policies, technologies, awareness and monitoring restrictions.Taking a ‘glass half full’ perspective, Covid-19 has enforced the human ability to adapt quickly to a new situation.
This crisis has, in fact, given us the opportunity to adjust our security posture in an unknow environment and balance business requirements with the preservation of confidentiality, integrity and availability.