Why WFH Greatly Contributed to Cyber Breaches in 2021

The COVID-19 outbreak significantly changed the way many things were done globally; businesses had to fashion out new ways of meeting customers’ needs; people had to go through long periods of lockdown; the physical workspace could not operate again. Cyber incidents were reported to rank as the third-largest business risk globally.

In the face of all these dramatic changes, it was important to keep the world economy moving and work must be done. This gave birth to WFH (work from home), the acronym given to work that is done remotely.

Before the pandemic, a few organizations were actually practicing some sort of remote working, but the pandemic made it the way of life. WFH became compulsory for the survival of any business.

An effective WFH warranted a good dose of digital transformation since transactions and boardroom meetings would occur online. New technologies needed to be integrated; apps and collaboration tools became essential for the smooth transaction of business; legacy systems had to be revamped, and employees needed to undergo some forms of training to adapt to these new measures.

While it was expedient for these measures to be put in place, organizations did not have enough time and the pandemic had already eaten deep into their finances. The need to meet up with customers’ expectations and survive, created room for vulnerabilities that threat actors quickly exploited.

With the physical workspace, it was relatively easy to protect the office systems with firewalls and blacklisted IP addresses. However, the integration of new technologies has made organizations more vulnerable to cyber-attacks. Since you now conduct your business online due to the WFH model, you are at the mercy of prying eyes who surf the internet for vulnerabilities they can exploit and compromise.

What many have experienced with the ill-prepared WFH model is that the documents you have in the cloud, your emails and attachments, instant message clients, and supply chain services have become vulnerable. Since you are transiting a lot of data digitally, you have created more attack surfaces for threat actors to exploit.

According to Reboot Online in its survey of 1,198 business owners and employees in the UK based on their experiences with data breaches and password security between 2020 and 2021, it was revealed that cybersecurity breaches have increased tremendously as a result of more organizations venturing into WFH. What Reboot Online discovered to be responsible for this was that an overwhelming 79% of businesses fail to change all their security passwords when they disengage employees, and 71% of businesses don’t even attempt to train their employees on how to handle personal passwords.

Level of preparedness

At the time organizations embarked on WFH, what was more important to most of them was how to ensure continuity. Cybersecurity was not given enough precedent, as some employees had to run some business tasks with their personal devices.

While we may want to see this as some form of irresponsibility on the part of organizations, the fact is that they couldn’t do much. The COVID-19 pandemic came suddenly, and the pace at which it moved required that urgent measures had to be taken.

Organizations and their employees had to scramble and quickly adapt to the dramatic changes to ensure survival. The situation truly describes “survival of the fittest.” In certain instances, there was little or no reaction in complying with organizations’ cybersecurity standards and data protection obligations.

Unlike what was observed in the physical workspace where cybersecurity issues were made everybody’s concern, the bulk of tackling the threats fell on CISOs and the different IT teams. This was rather unfortunate, and to compound things, the WFH setting did not give them enough room to diligently do their work.

Data protection guidelines

Every organization must provide its employees with data protection guidelines. While this was already very common practice with the physical workspace, it has become entirely possible with the WFH model. Employees must have clear-cut instructions on how to handle customers’ sensitive information.

The sudden change and the general situation employees found themselves in made it almost impossible. It was even possible that employees would dispose of some documents they consider waste in their personal bins, without considering that such documents could be scanned for titbits of information that can eventually harm the organization.

Going by the discovery from Cybint, that 95% of cybersecurity breaches come from human error, you don’t need a rocket scientist to decipher that if you eliminate human error, you greatly reduce cyberattacks. Unfortunately, however, the sudden need for the WFH model did not give room to fully prepare employees for the task ahead.

Wrong use of work equipment

Work laptops had to be taken home to carry out tasks. While it was completely necessary for WFH, there could have been instances where such working tools and devices are left around carelessly. For example, for employees with kids this can be a very costly mistake, especially where passwords are not strong enough or are carelessly placed.

Some organizations also did not place enough emphasis on multi-authentication, which will make such devices difficult to access even if placed carelessly. WFH does not essentially mean that all the work must be done while your employee is at home; an employee could be caught up in a train or even a café and the need to join a virtual meeting arises, bits of information can, unfortunately, fall into the hands of threat actors who are just eavesdropping.

While the employee did not intentionally divulge the information, it can be used to harm your organization. Another fallout from using work equipment at home is the level of security your employees have with the network.

Once a threat actor secures an entry point, the whole system has become compromised.

Conclusion

WFH was inevitable, the only problem was the level of preparedness before embarking on it. The situation we have does not indicate that we shall soon go back to the initial way of doing things; organizations may have to hybridize, and that means cybersecurity issues will persist.

It has become pertinent that necessary measures such as training and retraining employees for cybersecurity issues have become compulsory. To ensure that your organization does not suffer the ill effects of cyberattacks, you must not see cybersecurity as the business of the IT team, especially with the WFH model.

Nov 15, 2021Tech Digest Correspondent

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__atuvc	1 year 1 month	AddThis sets this cookie to ensure that the updated count is seen when one shares a page and returns to it before the share count cache is updated.
__atuvs	30 minutes	AddThis sets this cookie to ensure that the updated count is seen when one shares a page and returns to it before the share count cache is updated.

Cookie	Duration	Description
at-rand	never	AddThis sets this cookie to track page visits, sources of traffic and share counts.
disqus_unique	1 year	Set to record internal statistics for anonymous visitors.
uvc	1 year 1 month	addthis.com sets this cookie to determine the usage of addthis.com service.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_gat_gtag_UA_*	1 minute	Google Analytics sets this cookie to store a unique user ID.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
__gads	1 year 24 days	Google sets this cookie under the DoubleClick domain, tracks the number of times users see an advert, measures the campaign's success, and calculates its revenue. This cookie can only be read from the domain they are currently on and will not track any data while they are browsing other sites.

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies store information about how the user uses the website to present them with relevant ads according to the user profile.
loc	1 year 1 month	AddThis sets this geolocation cookie to help understand the location of users who share the information.
skimGUID	10 years	Set by Slimlinks, this cookie is a unique identifier provided to each device for log analysis to determine the number of unique users for various parts of skimresources.com.
test_cookie	15 minutes	doubleclick.net sets this cookie to determine if the user's browser supports cookies.
_ir	session	This is a Pinterest cookie that collects information on visitor behaviour on multiple websites. This information is used on the website, in order to optimize the relevance of advertisement.
__gpi	1 year 24 days	Google Ads Service uses this cookie to collect information about from multiple websites for retargeting ads.

Cookie	Duration	Description
wp_api	past	Description is currently not available.
wp_api_sec	past	Description is currently not available.
xtc	1 year 1 month	Description is currently not available.

Level of preparedness

Data protection guidelines

Wrong use of work equipment

Conclusion

Share this:

Like this: