COVID-19 Cybersecurity Threats and Vulnerabilities

Working from home has become the new norm for almost all organizations, due to the recent COVID-19 pandemic outbreak. Employees are now working from home using a range of devices, whether personal or provided by their organization. Many organizations are focusing on their business continuity plans so that they remain fit for purpose and can continue offering their services without disruption or delay. However, this prioritization of operational continuity may lead the organization to neglect security vulnerabilities that have arisen during the implementation of contingency plans.

A vulnerability on a home device that acts as a gateway to corporate infrastructure (files, servers, emails, etc.) might lead to a security breach and cause significant damage to your organization, both to its finances and to its reputation.

In these circumstances, organizations are overwhelmingly likely to experience a cyber security incident, which may have dire consequences for the organization and/or its clients.

In this briefing we analyze the key threats and vulnerabilities created by the remote working environment, and then set out some best practice measures that can be implemented by organizations to mitigate those risks.


Confidentiality - Data Leakage / Data Theft:

Many organizations give employees the ability to access corporate data remotely, which is akin to leaving "open doors" to that data from anywhere and leaves Security Officers with the problem of how to fortify the security posture of their organization.

Data leakage is the unauthorized transmission of data from within an organization to an external destination or recipient. The term can be used to describe data that is transferred electronically or physically. Data leakage threats usually occur via the web and email but can also occur via mobile data storage devices such as optical media, USB keys, and laptops.

Therefore, allowing the use of a home device without the proper security controls could easily help attackers gain unauthorized access to confidential data.

Availability - Malware/Ransomware:

A breach is not restricted to data leakage or disclosure of confidential information. Not being able to access your data, or any kind of destruction of data, are also considered breaches. Under the General Data Protection Regulation (GDPR) any kind of breach leading to the accidental or unlawful destruction or loss of data should be notified to the commissioner and data subjects without undue delay, but no later than 72 hours after becoming aware of it.

Such destruction of data could be caused by a type of malware called ransomware. When executed, ransomware encrypts all files in the network, and the attacker usually demands a ransom payment before allowing the organization to regain access. There are several different ways that ransomware can infect your computer. One of the most common methods today is through emails that include a malicious attachment or links to a malicious website.

Integrity – Unsecure Connection:

Integrity refers to ensuring the authenticity of information: chiefly, ensuring that information is not altered and that the source of the information is genuine. An attacker could take advantage of an unsecure, unencrypted transmission and alter the information on its way to the organization.

Such transmissions could include input to a system's database, email communication, a payment process or any document file accessed by the user. By intercepting and altering the communication in any of these cases, the attacker can cause the organization great financial losses.

Originally published 23 April, 2020