In the last 12 months, Covid-19 has affected our leisure time, our work, our communication – much is different, some is new, some has moved to the internet. Among the most successful measures to contain the pandemic are undoubtedly the contact restrictions and thus the relocation of many workplaces to home offices, if possible.
But what are the consequences of this “new work” approach – born rather out of necessity – for IT security in companies? How have IT managers mastered the sudden and extensive challenges? What measures and priorities did they set last year? Which weak points still need to be improved and what is on the agenda for the coming months? In a flash survey, IKARUS asked 25 IT security experts from various companies and institutions about their experiences, the status quo and the challenges in the coming months.
The sharp global increase in cybercrime related to Covid-19 and the resulting damage show how important it is for companies to be highly aware of cyber risks. When asked which cyber-attacks have increased the most in the last 12 months, phishing and whaling attacks came in at 41%, ahead of supply chain attacks (23%), mobile device attacks (21%), ransomware attacks (19%) and unpatched software attacks (18%).
According to the respondents, ransomware campaigns (62%), attacks via IoT devices and Trojans (44% each), social engineering and pishing/whaling (42% each) as well as attacks on mobile devices (36%) and supply chain attacks have increased.
Social media threats or attacks on unpatched software (47%) remained the same for 41% of respondents compared to the time before Corona.
In summary, the current requirement for most companies is explicitly to put their IT security strategy to the test in order to comprehensively secure the new requirements of cooperation between their own employees and the various stakeholders. Against the backdrop of increasing cybercrime, the usual agility should be maintained on the one hand, but at the same time the resilience to unexpected incidents should be increased.
The invisible enemy
The fact that criminals penetrate a company’s IT infrastructure unnoticed long before they launch their actual attack makes it difficult for those affected to detect cyber-attacks in time. In line with this, 37% of respondents see a lack of reaction speed as the biggest challenge in the event of cyber-attacks, closely followed by a lack of security awareness among employees (33%) and recognising the potential for damage (12%). The use of mobile devices (BYOD), financial challenges and the identification of attackers have slightly lower priority than the first-mentioned topics.
Depending on the situation, the greatest challenge at the moment seems to be reconciling home office and IT security. When it comes to preventing cyber-attacks, the results point to a decisive role for employees. More than 80% of the IT experts surveyed see a very great or great danger in the fact that “employees feel more relaxed about IT security issues at home” and are far less focused on the topic than in the corporate environment. This also fits with the statement of 75% of respondents that “employees feel less bound to the usual security protocol“. 52% of respondents see the use of private hardware for company purposes as a major threat, followed by the use of untrusted networks and software. A particular problem for around 60% of respondents is the difficult-to-control access of other people to various devices. Especially when there are several family members in a household, “there are always moments when attention lapses and unauthorised persons take a look at the company notebook”, explains one respondent’s description of employee behaviour. Identifying and reporting suspicious incidents and carrying out backups are seen as manageable risks.
Reactions to the increase in home office activities
The survey also looked at various measures taken by companies to respond to the sharp increase in home office activities. 78% of the IT specialists stated that the companies have provided company hardware and access to the company network via VPN has been set up. These measures have already been implemented in over 80% of the companies. 50% state that the latest patches were applied before work was done from the home office. In 45% of the companies, mobile phones and notebooks have been made more available and more than a third of the IT experts have organised and also carried out special cyber security training for the employees. Only a very low 11% of companies seem to be willing to provide operating subsidies for working in a home office, e.g. for connectivity or electricity costs. For 53%, these measures are still under discussion, for 23% it is currently not an issue.
Focus on mobile device and client/server protection
With 76% each, the protection of mobile devices and client-server infrastructure top the list of the most important topics for 2021. Companies are also very concerned about the handling of email communication as a gateway for numerous attacks (65%). The importance of attacks on the OT environment, which 53% of the respondents emphasise as a core issue, is to be assessed on an industry-specific basis. Less of a concern are currently web traffic (43%), the protection of Mac devices (30%) and data protection in general (35%) – there are hardly any changes in intensity here compared to the time before Corona.
What does the future hold?
When asked about cybersecurity risks in the coming 12 months, 71% of respondents said they expect a further increase in phishing and whaling attacks, followed by ransomware (65%) and Trojans (53%).
A whopping 41% expect cyberwarfare against large companies, banks or governments. Attacks on unpatched software (47%) and supply chain attacks (29%) are also considered likely.
The Corona-related switch to the home office has led to a significant increase in security incidents worldwide, and according to IT security experts, “the end of the line” has not yet been reached. At the moment, it is not yet foreseeable when companies will be able to return to their offices with their entire staff and whether or not work will continue according to the previous working time models. It is therefore all the more important to take appropriate security precautions for flexible office and home office work in order to reconcile security and remote working.