As employees have been working from home for the past year, there have been an increase in the rate at which organizations witness malware attacks in remote devices.
The coronavirus pandemic has resulted in more remote working than ever before and companies, as well as their employees, have had to adapt to the change of environment and the challenges that accompanied it.
One of these challenges is cyber criminals trying to exploit the insecure PCs of remote workers as an entry point into corporate networks.
As a result of this, the amount of malware attacks targeting remote workers is higher than ever and according to cybersecurity company Wandera’s Cloud Security Report 2021, 52% of organizations experiences a malware incident on a remote device. In 2019, only 37% of organizations experienced malware attacks on remote devices.
In many cases, cyber criminals are exploiting known vulnerabilities in software to deliver malware, while the users attempt to engage in software management and patch installation without the direct assistance of a cooperate IT team.
These cyber criminals use phishing emails to trick the remote workers into downloading malicious applications, because they believe they’re installing something to increase their efficiency.
‘More often than not, the offending apps were being downloaded and installed by the remote workers themselves’, Michael Covington, VP at Wandera said.
‘We saw a fairly large number of apps claiming to offer collaboration functionality, though in reality, they were designed to steal private information like messaging content or trick the user into granting access to the camera and microphone, thus enabling a remote attacker to eavesdrop’.
Alarmingly, of those devices infiltrated by malware, a third of its users accessed corporate emails and one in ten continued to access cloud services. These could provide the hackers with a lot more access to the network than they would have gained by infiltrating only one remote machine.
Securing remote employers is challenging for information security teams, who are also working remotely, making their task even tougher.
The engagement with remote employees for the provision of advice and tips on how to work safely may greatly aid in keeping them and the organization at large, safe from cyberattacks― an activity which will aid everyone in the long run.
‘Continuously engaging with workers on the sign-in mechanisms they should use, the incident reporting they should follow, and the applications that are approved for work will help everyone do their part to protect the business and its assets’, Covington said.
By Marvellous Iwendi.
Source: ZDNet