IT Security in Organizations After the Pandemic: What’s Next?

By Alan Kakareka, InfoSec consultant to businesses, Demyo inc.

The year 2020 has so far represented, the biggest change in the way we live and interact with our environment. After OSM declared a global pandemic state because of the emergence of covid-19, it is accurate to say that within all the chaos, we had to adapt ourselves to a series of changes, not only to survive the virus but to cope with those in our daily lives.

Social distancing has affected the way we communicate with others, changes on how we buy things for our homes, using e-shops or apps, are evidence of how technological advances, and their implementation in our lives, are alternative solutions that make easier dealing with our problems. Activities such as online education and remote work have also been a must during the pandemic.

However, the way of living at home was not the only thing affected by the pandemic, as “normality” implies that there is work and livelihood. Many companies opted to increase their use of digital resources to effectively deal with the situation, ensure productivity continues and maintain their service offerings; but digitization brings with it many challenges, primarily defending against cybercrime.

Below, we will explore how the emergence of covid-19 has encouraged new business behaviors, giving cybersecurity an important role in the preservation of information and the fight against cybercriminals.

Covid’s indirect effect on IT Security

The implementation of technology in the business environment allows many processes that were slow, outdated, and inefficient to work in seconds now, making it easier to capture information. To protect this sensitive – and vital – information, companies should have qualified IT security teams with the resources to deal with any type of threat, but in reality, many executives and CEOs do not understand the need to invest in optimal and up-to-date equipment, which makes the company’s system a victim of its own negligence and lack of interest in protecting it.

As mentioned earlier, many companies jumped into digital operation in the wake of the pandemic, providing an opportunity for hackers around the world to take advantage of a large number of vulnerable systems. The increase in the number of companies and organizations operating digitally also meant an increase in the number of cyberattacks, which grew alarmingly in 2020.

These criminal actions damage entire company operations and also affect the devices of employees working remotely at home. This represents a major overall challenge for IT Security teams due to the exponentially growing number of attacks with users, companies, and even healthcare facilities affected around the world.

What is IT Security facing during the pandemic?

In the IT Security field, it is better to respond proactively than to respond reactively to attacks, as there may be gaps in the system where criminals leak information, sometimes being infiltrated for months without being detected. Therefore, to be able to respond effectively, it is vital to understand how the invader operates and what their targets are, to be better protected from any imminent threat. The following is a list of various sectors affected by cybercrime and the correlating influence of the pandemic:

• Remote Workers: Many retail stores or companies shut down or stopped operations because of COVID-19 forcing millions of workers around the world to work from home. At the same time, many employers did not expect their employees to have so many security flaws in their computers, leading organizations to pay unforeseen costs related to malware and security breaches.
• VPN-dependent companies: Following the emergence of the covid-19 outburst, many companies leveraged VPN technology to operate remotely, allowing hackers to use ransomware to exploit those without patches. This leads companies to use “zero trust” with their employees to be more protected.
• The financial sector: In 2019 financial organizations accounted for 7% of computer breaches, yet made up 62% of total leaked records, demonstrating that there is an ease in stealing information from this type of company. A factor that also benefits criminals is the implementation of 5G technology, which means that the financial industry must consider effective defense methods.
• Artificial intelligence (AI) and cloud technologies: The Covid 19 pandemic required an accelerated transition to remote working, so the use of Cloud Technology is much more in demand for companies to continue working. These are systems that have a certain vulnerability index, so the use of AI is also sought as an aid to defend the system and reinforce security within companies.
• Data theft: The pandemic also influences the amount of time and people using the internet, and with the internet being a resource for working from home, the risk of data exposure is much higher.

On the other hand, employees are often a recurrent target within the attack to a corporation, since cybercriminals use various forms of manipulation that give access to malware to invade the company’s data. Here we show you some of the most used and known:

• Phishing and Malspam: By entering credentials in fake sites that criminals send by e-mail.
• Credential stuffing: This is due in part to the reuse and usage of weak passwords to then use the credentials remotely.
• Ransomware: Which can infect the system by simply accessing a malicious link in a banner or even an e-mail.

How can companies defend themselves?

It is important to keep in mind that with all the existing problems, it is necessary to prevent them before regretting, and for that, you must have an infrastructure capable of resisting attacks, have a proactive team capable of detecting breaches, and train employees to avoid being victims of social engineering. For this, we will give some guidelines on how to increase security to be more resilient to the invasion of a cybercriminal.

– Securing corporate networks

The main thing is to ensure the protection of the system, for it it is necessary to make sure that the signatures and antimalware are updated, to make backups of the system and of regular and automatic form, assuring that the backups have not continuous destinations. It should also be ensured that backups are protected by denying communication with unauthorized external ports and preventing employees from generating breaches by being victims of phishing and other malware.

– Securing employee home networks

On the other hand, it is advisable to protect from breaches the employee’s home network, so we recommend the use of VPNs, smart password management with multi-factor authentication, updating modems and routers automatically, and having firewalls active at all times.

– Maintain security on employee devices.

Employees are most likely to use their own devices when working remotely, so the company should consider providing guidelines to them so they can keep their systems secure and not represent losses for the company.

For this, it is essential that employees patch their system to correct vulnerabilities and improve security on their devices by installing firewalls, antispyware, and antivirus. The use of external USB devices and printers must comply with a security standard before being used, and we recommend the information to be stored on hard drives.

The company must supervise all these actions. Through effective communication and a corporate culture focused on cybersecurity, you can prevent many negative situations that can affect its future. Being proactive and investing in cybersecurity will ensure that under any circumstances, you can guarantee your security.

About the Author

Alan Kakareka is a InfoSec consultant to businesses around the globe and Chief Technology Officer at Demyo, Inc. (https://demyo.com/). He was born in eastern Europe about 15,000 days ago and he speaks English, Russian and Lithuanian. He has over 20 years of IT security related experience. His expertise are vulnerability assessments, and penetration testing. Before Demyo, Alan worked for Terremark data center as a senior information security engineer and was involved in an extremely wide array of technologies in large to very large environments. Alan presented at many security conferences around the globe including Hacker Halted, DeepSec, FIRST, CONfidence and others. He is a co-author of the book “Computer And Information Security Handbook”. He also published white papers in the InfoSec field and contributed to SANS by rating official exams. Alan has bachelors degree in electrical engineering from Kaunas University of Technology and a master of science degree in Management Information Systems from Florid

Alan can be reached online at almaz@demyo.com, and at our company website https://demyo.com/