publive-image

In today’s scenario where the entire world grapples with the COVID-19 pandemic, companies and governments around the world are taking liable measures to safeguard their employees’ and citizens’ health. This is why billions of people send to shelter in place, or stay home, and asking employees to work remotely. According to the US Bureau of Labor Statistics and Boston Consulting Group, over 30 million office workers in the US and up to 300 million globally, are expected to be working from home.

While this remote working environment now relies heavily on digital infrastructure, shifting work patterns on such a massive scale can also have somber unexpected implications for IT and cybersecurity. The work from home model can pave opportunistic situations for hackers and malicious actors as every home device or wireless connection is a potential entry point.

Several cybercriminals are looking for exploiting people’s thirst for information as a vector for attack. In the time of crisis, attackers are using COVID-19-themed phishing e-mails, which allege to deliver official information on the virus, to entice individuals to click malicious links that download Remote Administration Tools (RATs) on their devices. While working remotely, most people have not applied the same security on their networks that would be in place in a corporate environment. In this context, attackers take advantage of that fact and breach data.

Zero Trust Model in Cybersecurity

While businesses have a various number of cybersecurity risks, zero trust principle provides an information security framework. The model, which was created in 2010 by John Kindervag, who then a principal analyst at Forrester Research Inc., is increasingly implemented by CIOs, CISOs and other corporate executives.

By using a Zero Trust model, companies can keep their eyes open as it ensures the immediate detection of anomalous or risky behavior and takes effective remediation steps. Organizations can monitor how users interact with an application, from what network, what device, during what time of day and other variables.

In a 2017 Annual Cybercrime Report from Cybersecurity Ventures, cybercrime will cost the world US$6 trillion annually by 2021, up from US$3 trillion in 2015. Meanwhile, the 2017 Data Breach Study, conducted by Ponemon Institute and sponsored by IBM, revealed that the global average cost of a data breach is US$3.62 million.

Moreover, COVID-19-themed website domain names began to be acquired as over 6,000 coronavirus-related web domains have been registered in the March, with large numbers of them malign. In a report released by software company Check Point, more than 2,200 of these new sites were found to be suspicious and 93 were confirmed as malicious and vulnerable to visitors.

Reports also claim that cybercriminals are using these domain names to delude as legitimate COVID-19 information sites. They are even sending phishing emails in the name of the US Centers for Disease Control and Prevention and the WHO. But they contain malicious links or attachments in essence. However, by employing clear guidance, right security capabilities, and maintaining good cyber hygiene, companies can dodge cybersecurity vulnerabilities during remote working.