The COVID-19 pandemic has brought about a number of changes across the workplace—and some are likely to be more permanent than others. It has been suggested that the coronavirus outbreak and subsequent lockdown has created a watershed moment for remote working with employers and employees alike seeing the benefits of individuals doing their work from home.
But in this remote working age, it has also become more important for organizations to ensure that their employees have powerful cybersecurity measures. For remote workers, endpoint security is perhaps the most essential measure as this is important in detecting the latest malware attacks. And unfortunately, along with remote working, these types of attacks have been growing in frequency over the course of the pandemic.
Growth in malware during COVID-19
It is sadly the case that as the instances of remote working have risen, so has the number of malware attacks against businesses. One of the most well-known forms of cyber threat that organizations face, malware has been around for a very long time, but it is constantly evolving and changing, and this has allowed it to be so effective through COVID-19.
One of the types of malware that has had success recently is Ryuk, a type of ransomware that infiltrates a system and encrypts its data before demanding a payment in Bitcoin. Additionally, banking trojans Trickbot and Emotet have been very successful and have made headlines around the world.
Another type of malware that has made headlines recently is Maze, and this is a great example of why you can’t assume that your security is going to stand up to these forms of malware. Maze is a type of ransomware that was able to breach a US nuclear contractor and release sensitive data. This shows that anyone can be targeted.
A rise in brute force attacks
It is not just malware that is causing problems for businesses and remote workers, but also brute force attacks, where cybercriminals work through all possible combinations hoping to guess passwords correctly. In fact, the coronavirus pandemic has actually seen an enormous rise in brute force attacks. Over 100,000 attacks have been recorded against the Windows Remote Desktop Protocol (RDP) every day, which allows workers to gain access to the corporate network from a remote computer.
This number represents a doubling of the number of brute force attacks against remote workers. It is believed that a part of this is due to the increased use of RDP with the rise in home working, and partly because organizations have not put in place the kind of additional security measures required.
The changing tactics of cybercriminals
Over the years, the tactics and techniques of cybercriminals have been changing and evolving. For example, the number of ransomware attacks increased by 40 percent between 2018 and 2019, and this type of attack has remained popular since then. Criminals are becoming increasing skilled and sophisticated in understanding how to overcome cybersecurity measures and take advantage of weaknesses.
Attacking larger targets and leaking data, or threatening to, are just two of the tactics that criminals have been using to raise their profits. In addition to encrypting the data, many forms of ransomware are now making copies of the data for additional leverage.
How endpoint security can help you business
Endpoint security is an absolutely vital part of overall cybersecurity for remote workers and can help protect internet-connected devices such as PCs, laptops, and smartphones against the likes of Ryuk and Emotet. Endpoints do not benefit from the same level of protection when they are outside of the office; they are more exposed. For example, your business will have a corporate firewall that offers protection to endpoints within the office, but the firewall won’t work elsewhere.
Systems known as Endpoint Detection and Response (EDR) are essential as part of a holistic cybersecurity strategy. These EDR tools can help your organization detect threats that traditional security controls that rely on signature-based detection miss.
EDR tools monitor endpoints to understand what constitutes normal behavior on the endpoint; this allows it to notice when something is suspicious, such as when a system is accessed from an unexpected location or attempts are made to copy or delete files. It can also help businesses respond quickly to attacks by isolating any devices that are suspected of being compromised and therefore contain the attack before it spreads across a network.
In the age of remote working, it has never been more important for companies to invest in not only high-quality cybersecurity, but also specific endpoint protection. It is always the responsibility of organizations to ensure that they are putting in the investment and resources to keep staff safe, whether they are in the office or working remotely.
