Blog

Cyber Threats Are Spiking as Remote Worker Ranks Soar

Apr 06, 2020

WFH_Office_Setup The number of people working from home is skyrocketing as the COVID-19 pandemic forces companies to close offices and practice social distancing. The sudden explosion of makeshift home office environments is adding to the burden of already overtaxed cybersecurity workers, who now face the massive task of trying to protect a remote workforce against cyber threats.

While cybersecurity professionals put in extra hours to handle the situation, the increasing ranks of remote workers are catching the attention of another group – cyber attackers. Cyber criminals are betting that many of these hastily outfitted work-from-home environments will not have the same level of protection as office environments, while still connecting to their corresponding corporate networks. For cybercriminals, that spells opportunity.

And they are wasting no time. Cyber threats are already on the rise, according to CNBC . The rise in threats such as phishing scams and spam is occurring just as a solid majority of companies (85%) now have at least 50% of employees working from home.

In a poll of the CNBC Technology Executive Council , the business network found that 36% of its members are seeing a spike in threats. The council is composed of corporate executives and professionals in senior technology positions.

“The bad guys know that every IT department and every cybersecurity group is currently overwhelmed and stretched,” Miriam Wugmeister, partner and co-chair of law firm Morrison & Foerster’s global privacy and data security group, told CNBC. “We are hearing from many clients and law enforcement that the level of cyberattacks, phishing attempts and scams occurring in light of COVID-19 has grown dramatically.”

Cybersecurity Workers Deemed Essential

As companies operating in certain states and municipalities cope with stay-at-home orders intended to arrest the spread of the virus, some employees are still allowed to work in the office because they are deemed essential.

The Cyber Infrastructure and Security Agency (CISA) has issued an advisory designating people who work on critical infrastructure in a number of sectors, including healthcare, food, communication, defense law enforcement and public works as essential workers. While the advisory doesn’t name cybersecurity specifically, it’s understood that cybersecurity is essential to protecting critical infrastructure.

It’s also important to recognize that cybersecurity is always essential in any industry. While cyber attackers tend to focus on some industries more than others, the reality is they will strike anywhere they see vulnerability and opportunity.

With that in mind, and especially as the ranks of remote workers increase rapidly, it’s never been more important to have a robust cybersecurity team. One of the unfortunate byproducts of the COVID-19 epidemic is a spike in unemployment claims – a record 3.3 million were reported the week of March 23.

As companies shutter parts or all of their operations to ride out the pandemic, layoffs and furloughs are inevitable. But employers should think long and hard before reducing their cybersecurity staff size to save money in the short term. For one, cyber attackers aren’t affected by quarantines, and whether an organization’s physical operation is open or temporarily closed, onsite or remote, attacks are still underway. Suffering a cyber attack in what is already an uncertain economic time would add to an already dire situation. And more food for thought, with a worldwide shortage of cybersecurity professionals and nearly 0% unemployment in the field, it could be extremely hard to replace cybersecurity team capacity when the current situation improves and businesses begin to grow again.

Keep in touch.