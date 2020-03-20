Working from home a cybersecurity headache for employers

INTERNATIONAL - As companies and government agencies send their employees home to avoid contact with the coronavirus, many cybersecurity teams are facing the unenviable challenge of securing sprawling, vulnerable networks.

Every time an employee connects to their corporate network from home, they’re creating possible access points for hackers to exploit. When this happens 1,000 times on a single network almost overnight, as it has amid orders for regional lockdowns, it’s increasingly difficult to ensure every connection is secure.

The specific security challenges are wide ranging. While those using company-provided laptops are likely protected by internal safety measures, they could still be vulnerable if their security software isn’t updated or their remote network connection isn’t perfectly configured. The bigger problem is employees using their own equipment that security teams can’t monitor for malicious traffic. For all they know, these devices may already be infected with malware.





The challenge can overwhelm security personnel, especially for those companies that have previously discouraged employees from working from home. Pivoting from office desktops to laptops at home are projects that security teams at large companies execute over months.





Instead, the shift to working at home has happened in days. And with so much emphasis placed on simply making sure company operations don’t come to a grinding halt, network security can be an afterthought.





“Everyone’s attention is drawn away from cybersecurity right now, with the first priority being safety and continued operations,” said Lesley Carhart, principal threat analyst at Dragos Inc., an industrial controls security company. “That’s certainly forced some companies to rush into allowing remote access to critical operations.”





A major power utility in southern Europe, for instance, sent home hundreds of employees last week. In a matter of three days, the company increased remote accessibility from just 9% of their machines to 53%, said Andrea Carcano, founder and chief product officer at Nozomi Networks Inc., an industrial security company in San Francisco.





“There’s a risk of opening access to all of those plants,” said Carcano, whose company provides network security tools to some of those power systems. He declined to name the utility. “That customer has some visibly. But it is a fact, you’re opening a new door that used to be closed. If it’s an opening for you, it could be an opening for an attacker.”





The huge influx of people working at home has expanded the places hackers can exploit. As companies across Europe and the Americas come to grips with this new normal, hackers are tweaking their attacks -- sending phishing emails that claim to be about the coronavirus or purport to be from a trusted health agency -- to leverage fear of the global pandemic.



