Why does telework attract cybercriminals so much?
Lately, we have been talking about cybercriminals and their impact on telework.
Cyberattacks increased at the same time as telework became a habit. Connecting is all too easy. However, all this does not help companies, because they are the first victims of this confinement for which, their employees are forced to work remotely.
This article will also interest you: Telework and Cybersecurity: 4 threats still unknown
Remote collaboration also has its downside. Businesses have become more vulnerable. Remote collaborations do not always meet optimal conditions to preserve the security of computer systems. If it's not a hardware or software issue, we're dealing with a discipline issue. This greatly increases the risk to enterprise information systems, systems that had been flawed in the past, in the face of several threats they had underestimated. And according to cybersecurity firm Barracuda Networks, computer attacks have seen a more than 667 percent increase in phishing attempts, involving the coronavirus link. A most anticipated consequence.
Moreover, the problem of cybersecurity in telework is partly explained by the fact that the implementation of remote collaboration systems has unfortunately not been brought under control by companies. Indeed, the adoption of the work was a bit hasty. The massive and hasty use of software dedicated to remote work has not met certain safety standards at the base. According to an analysis by the famous interconnection platform, Deutscher Commercial Internet Exchange (DE-CIX), video conferencing tools have grown by 50% over the past month. At the top of its applications we have Skype, Teams, Zoom and WhatsApp. Global traffic involving remote collaboration on the Internet is estimated at nearly 9 terabits per second. An impressive figure. One figure alone explains the explosion of cybersecurity since then. "While the financial health of small and medium-sized enterprises is already precarious, the risk is that there will be a cyber security crisis. Companies that, in order to survive, will have traded on the usual work security may succumb to a cyber attack. We must not forget that cyberattacks can complete a business," stressed Frédéric Rousseau, head of the cybersecurity market at Hiscox. But first and foremost, it was still necessary to recognize such a situation was a real challenge for all companies. "While the largest companies were organized and had a business continuity plan with IT security at the height, the fact remains that companies had to deport their internal organization to each of their employees, both in terms of connection but also in terms of securing those connections and hardware. It's still a real challenge," says Christophe Madec, Bessé's Cyber Risk Specialist, Christophe Madec. Unfortunately, many medium-sized and mid-sized businesses as well as small businesses had not anticipated these kinds of crises, or even their duration. This has led to an uncontrolled implementation of remote work. "Employees need to be equipped with computers and secure connections. Telework is not working from home with personal tools without extra precautions. The majority of personal computers are insecure and probably already corrupt," says Mickael Robart , director of financial and cyber risk at Siaci Saint Honoré. For his part, Frédéric Rousseau notes: "Companies that, in order to maintain their business, no longer meet their minimum IT security criteria increase their vulnerability. They then combine financial vulnerability and vulnerability in terms of security. The pirates have noted it."
Another issue to raise is that companies can put their cyber insurance at risk when they increase the risk for lack of applications of certain basic homes. Because even if a company is insured at the cybersecurity level, they must ensure that certain rules are at least respected. Therefore, if companies applying the security measures that fall to their primary responsibilities, this "should not be too much of a problem. Generally, these blankets have been sized to meet the disaster hypothesis. There is therefore no need to revisit insurance policies," noted Christophe Madec. As for others who have not yet done so: "there is still time to make sure."
In addition, one of the first steps companies must take to this problem is to train their employees. "We need to train employees at cyber risk. You can protect yourself from an attack by adopting good practices. To be vigilant, you have to be trained," the experts stressed.
Now access an unlimited number of passwords: