Cybercrime rose by 242% among remote workers in 2020
A new by Kaspersky, a global leader in deep threat intelligence and online security, says the global shift to a working-from-home mandate following the COVID-19 pandemic has resulted in a new surge of specific threats to remote working networks.
The data gathered showed that there has been a 242% growth of attacks on Remote Desktop Protocols (RDPs) compared to results shared in 2019. An estimated 1.7mn malicious files masquerading as apps were discovered for corporate communication.
Essentially, says Kaspersky, sending employees to work from home led to vulnerabilities that cybercriminals were quick to take advantage of. The volume of corporate traffic grew, and users swiftly moved to third-party services to exchange data, often working via potentially insecure Wi-Fi networks.
The work-from-home initiative also resulted in employees using remote access tools to log onto servers and networks. A popular solution has been Microsoft’s proprietary protocol, RDP but the data found that a large number of computers made available to remote workers were incorrectly configured, resulting in a new wave of cyberattacks globally.
According to Kaspersky's findings, the amount of cyber breach detections has surged more than three-fold. An estimated 3.3 billion attacks on RDPs were detected between January and November 2020. In 2019, during the same 11-month period, Kaspersky detected 969mn of these attacks worldwide.
The switch from offline to online tools resulted in 1.66mn unique malicious files being detected. Hidden under the guise of popular messenger and online conference applications, once installed, the files load Adware programs that flood user devices with unsolicited advertising. Even more worryingly, the malware also stole personal data for third-party use.
Another group of files called Downloaders, were also detected. These applications are not harmful by themselves but can download other harmful apps, including remote access tools and Trojans.
As part of the research, Kaspersky also released a list of protocols companies should follow to ensure their security is maintained. The directives include:
- Use of a VPN if working from home, enabling multi-factor authentication.
- Companies should install corporate security solutions on their systems to detect network threats.
- Supply all work-from-home employees with all the relevant security tools they need – including I.T. expert access.
- Complete security awareness training with staff.
- Ensure all devices, software and apps have the latest updates.
- Include security on physical endpoints to protect cloud workloads and virtual desktop infrastructure.
- Maintain a close eye on router security when transmitting data to several devices and during heavy traffic.
- Set up strong passwords for the router and Wi-Fi networks.
- Don’t put corporate information on personal devices.
- Don’t share work account details – even with close colleagues.
Speaking about the findings, , a security researcher at Kaspersky said, “This year taught us a lot. The move online was not as flawless as one would imagine, especially given that we already lived in what we thought was a digitised world. As the focus switched to remote work, so did the cybercriminals, who directed their efforts to capitalise on a rise in adoption.”
He said that the damage wrought by cybercrime was less severe than the issues that might have occurred had employees not been able to work remotely. “I am happy to state that the adoption process was fast and this meant the world could go on. Economies did not freeze and we still get to have our coffee, albeit, via delivery services. Yet now we know that there is still a lot to learn about the responsible use of technology, with data sharing at the heart of it.”
Galov explained that the learning curve in terms of working remotely had been as steep for company executives as it had been for the general workforce
“One of the biggest challenges of 2020 turned out to be awareness of potential online dangers,” he said. “The key here is not that the sudden demand for online services – be they work-related or for food delivery – grew. Many new users were people who in principle avoided being so digitally exposed in the first place. They did not necessarily disregard the need for cybersecurity – they had simply chosen not to use digital services before and were less educated about what can happen online. This group of people turned out to be one of the most vulnerable during the pandemic – their level of awareness of online dangers was very low. It seems like we have been given a big challenge worldwide and I hope that helped increase the level of cybersecurity awareness among ordinary users.”