Working From Home policies, whilst necessary to curtail COVID-19, have exposed smaller enterprises to a level of sophisticated cyber-attack ordinarily reserved for large multi-nationals and the impact will lead to a further sharp rise in data breaches, according to Dave Waterson, CEO at security protection software company, SentryBay.
The pandemic has been widely exploited by malicious cyber actors and advanced persistent threat groups using COVID-19 themes, putting individuals, small and medium businesses and large organisations at risk of scams and phishing attacks. However, it is the geographically widespread location of employees that is exacerbating the risk, which is set to increase rather than decrease as the second wave of the virus forces people back to working in their homes.
“Working from Home (WFH) has meant that sensitive company data has a broader physical footprint, and organisations have less control over how it is being accessed if their employees are outside the safety of the corporate perimeter,” said Dave Waterson. “Where previously smaller enterprises, which are often less well protected, were able to fly under the radar and avoid cyber-attacks, this is no longer the case, and they are increasingly being hit with insidious, damaging breaches that they are ill-equipped to deal with in the current climate.”
The SentryBay team believe that in 2021, the greatest danger to organisations will come from key logging and screen-grabbing malware, primarily because they are the attack vector through which sensitive data is most often, and most easily, stolen. Both use endpoint devices to gain access and, despite the rise in use of anti-virus and two-factor authentication, this will not guard against an attack.
“2FA does not stop sensitive data passing through the application after login,” continued Dave Waterson. “Keylogging malware is normally ranked as the leading cyber threat to businesses, but standard anti-virus solutions do not provide sufficient protection. Unless data is protected as it is entered from the keyboard or onto the screen, it opens the door to criminals and therefore we are anticipating a massive growth in attacks on organisations.”
The risk of a breach is heightened not just because WFH is now so prevalent, but also due to a general rise in online activity. SentryBay predicts that malicious actors will target children or other members of the household to gain access to a parent’s corporate network.
With COVID restrictions and less people on the high street, the run up to Christmas will see a jump in eCommerce purchasing which is already being targeted by cyber-criminals through phishing scams and fraudulent sites that spoof well known retailers.
SentryBay encourages organisations to think about the broader picture when it comes to protecting their employees, and their data. Identifying risk outside the corporation now means the families and friends of employees, and the devices they are using. To keep all connections safe, they need to look for solutions that are specifically designed to protect against all vulnerabilities, not just the most obvious ones.
More information on how software can help to protect and enhance compliance of any remote access, enterprise and SaaS applications is available at SentryBay.
Subscribe to our newsletter
For the latest insights into the quickly evolving cybersecurity landscape, please complete the form below and we will share our newsletter, SentryPost.
For a demo of our solutions and the opportunity to chat to our expert team, please complete the form below.