Insights

Cyber criminals are seeking to exploit remote workers

Article authored by the Head of Cyber Security of X4 Technology, Elliot Kirby.

As healthcare workers on the front-line cope with the effects of the Covid-19 outbreak, cyber criminals are capitalising on the chaos. Malicious hackers have been praying on the fear and unfamiliarity of present circumstances to carry out cyber-attacks on the healthcare system.

As well as healthcare systems, cybercriminals are seeking to exploit remote workers by taking advantage of companies that have not applied the same security measures on their remote networks as would be in place in a corporate environment.

I spoke to Ian Reynolds, Director at SecureTeam, a UK based cybersecurity firm who work with a range of businesses including the UK Government, NHS and Ministry of Defence, to hear his thoughts on the reasons behind the recent surge in cyberattacks and how his business is coping.

What impact has Covid-19 had on SecureTeam?

Since Covid-19 broke out, SecureTeam has had to very quickly adapt to allow us to continue offering our services to customers. The biggest impact to us so far has been a complete suspension in onsite consultancy, as many of our penetration testing services are not considered to be “essential services” under the UK governmental guidelines, so to protect the health and safety of our consultants, and to comply with the government guidelines, none of our consultants are currently visiting customer sites.

One of the advantages of us being a smaller organisation is that we can be very agile in situations like this, and with all our staff being home-based who connect through cloud-based infrastructure, we didn’t have to make any staffing or infrastructure changes to accommodate the lockdown restrictions that are now in place.

Using a number of custom-built hardware appliances, we’re also able to securely deploy a set of testing tools to our customers that our consultants can access remotely. This has allowed us to continue delivering onsite penetration testing and services like Cyber Essentials Plus, where previously we would have had to send a consultant to the office or datacentre of our customer.

Are you having to work differently to support the prevention of further cyber-attacks?

Many of our customers have had to rapidly react to the Covid-19 crisis. Organisations are now hastily setting up VPNs and remote working solutions (like TeamViewer or Citrix), with the priority being placed on business continuity and not on security.

Many solutions are being deployed with default settings and the secure configuration of firewalls is often being disregarded in favour of “just keeping the business running”. A large number of organisations lack the basic infrastructure to allow for homeworking (such as laptops or VPNs), so they often allow staff to work from home using their home computers, which opens up a vast array of potential security weaknesses.

SecureTeam has been able to assist our customers by offering a rapid assessment of their remote access solutions, and in some cases, writing policies around homeworking or allowing access to BYOD devices in a secure manner.

Why do you think there has been a surge in cyber-attacks since covid-19?

From our own threat detection systems, we have noticed a large spike in attacks originating from places like Russia and China, and there has also been a huge increase in attacks being reported by healthcare providers and the NHS itself.

At the moment, healthcare and medical companies are absolutely stretched to the limit. Not only are they dealing with the same challenges that all businesses are facing during this pandemic but they are being asked to provide a level of service that many organisations may have never experienced before.

With the organisation’s resources being stretched, attackers will often exploit this weakness, as the organisation may have less resources to investigate and prevent attacks. This is further exacerbated by the fact that many organisations may have very quickly set up remote access solutions that may not have been adequately secured or may have staff working from unmanaged laptops that may be missing Anti-Virus or security patches.

Do you think there will be a demand in cybersecurity professionals to combat further covid-19 related attacks?

There is no doubt that the Covid-19 crisis will demand an unprecedented amount of resources from organisations in every sector. Ensuring that an organisation is able to continue to function and not increase the level of risk to their data security, remains a higher priority than ever before and cybersecurity consultants play a significant role in that.

While many organisation’s may not place cybersecurity high on their agenda in the current climate, the increase in targeted Covid-19 cyber-attacks and the lack of resources means that more cybersecurity consultants are going to be required in the months to come to enable UK businesses stay on top of their cyber resilience.

 

Stay connected: