New research shows almost three quarters of large businesses believe remote working policies introduced to help stop the spread of COVID-19 are making their companies more vulnerable to cyberattacks.
AT&T's study of 800 cybersecurity professionals across the UK, France and Germany shows that while 88% initially felt well prepared for the migration, more than half (55%) now believe widespread remote working is making their companies more or much more vulnerable to cyberattacks. This figure jumps to 70% for large businesses with over 5,000 employees.
The danger is real. AT&T Alien Labs Open Threat Exchange(TM) (OTX(TM)) is one of the largest intelligence-sharing communities in the world, with more than 140,000 security and IT professionals from 140 countries daily contributing and sharing information. In March, as a global pandemic was declared and organisations around the world began implementing wide-scale remote working policies, OTX experienced a 2,000% month-over-month increase in COVID-related IOCs in March.
"Cybercriminals are opportunistic, taking advantage of the fear and uncertainty surrounding issues like the current global health and economic situation as well as sudden shifts and exposures in IT environments to launch attack campaigns," said John Vladimir Slamecka, AT&T region president, EMEA. "It can be a challenge for IT organisations to stay on top of emergent threat activity in the wild."
Employees are the biggest risk identified by the cyber experts. The AT&T research points to a lack of awareness, apathy and/or reluctance to adapt to new technologies as the biggest challenge to implementing good cybersecurity practices within their business (31%). They report that one in three (35%) employees are using devices for both work and personal uses, one in four (24%) are sharing or storing sensitive information in unsanctioned cloud applications, and almost one in five (18%) are sharing their work device with another family member.
While many businesses have introduced new cybersecurity measures to mitigate risks since the onset of COVID-19, a large minority have not taken basic steps to protect a suddenly remote workforce. One quarter (25%) have not offered additional cybersecurity training for employees; 24% have not created secure gateways to applications hosted in the cloud or in a data centre; 22% have not increased endpoint security to protect laptops and mobile phones; and 17% have not implemented internet browsing protection from web-based threats.
Cybercriminals are exploiting the fear and uncertainty surrounding COVID-19 and current economic concerns as topics for phishing and other fraud activities. Simultaneously, they are attempting to take advantage of the new remote workforces to launch attack campaigns. 44% of cybersecurity experts cite ransomware and/or malware attacks as their top security concern. Phishing (39%) and external threats such as nation-state attacks or hacking (39%) round off their top three concerns.
Faced with a multitude of urgent cyber risk and compliance challenges, cyber security experts are also gearing up for new innovations as a response to business conditions around COVID-19. Almost half (47%) expect more digital transformation of business processes and cloud implementation in the year to come. Two in five (40%) believe that their business will adopt new automation and robotic tools. For the largest businesses, those with more than 5,000 employees, nearly half (48%) will be changing their technology partners in the next year.
"While many organisations had already supported some remote workers on a regular basis, the sudden increase has put stress on IT systems, processes, and teams," said Mr Slamecka. "Others have had to scramble to quickly roll out solutions focused on keeping their entire workforce connected and productive.
"In either case, sudden and unplanned changes in the way workers connect to the corporate network and access corporate data and applications in the data centre and cloud can introduce new cyber risks and vulnerabilities," he adds. "This is the time to put robust security measures into place that will protect employees and companies for the opportunities and challenges of the future."
*About AT&T Communications
We help family, friends and neighbors connect in meaningful ways every day. From the first phone call 140+ years ago to mobile video streaming, we innovate to improve lives. We have the nation's fastest wireless network.** And according to America's biggest test, we have the nation's best wireless network.*** We're building FirstNet(R) just for first responders and creating next-generation mobile 5G. With a range of TV and video products, we deliver entertainment people love to talk about. Our smart, highly secure solutions serve nearly 3 million global businesses - nearly all of the Fortune 1000. And worldwide, our spirit of service drives employees to give back to their communities.
AT&T Communications is part of AT&T Inc. (NYSE:T). Learn more at att.com/CommunicationsNews.
AT&T products and services are provided or offered by subsidiaries and affiliates of AT&T Inc. under the AT&T brand and not by AT&T Inc. Additional information about AT&T products and services is available at about.att.com. Follow our news on Twitter at @ATT, on Facebook at facebook.com/att and on YouTube at youtube.com/att.
(C) 2020 AT&T Intellectual Property. All rights reserved. AT&T, the Globe logo and other marks are trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. FirstNet and the FirstNet logo are registered trademarks and service marks of the First Responder Network Authority. All other marks contained herein are the property of their respective owners.
**Based on analysis by Ookla(R) of Speedtest Intelligence(R) data median download speeds for Q2 2020. Ookla trademarks used under license and reprinted with permission.
***GWS OneScore, September 2019.
View original content to download multimedia:http://www.prnewswire.com/news-releases/att-survey-shows-70-of-large-businesses-believe-remote-working-makes-them-more-vulnerable-to-cyberattacks-301105074.html
SOURCE AT&T Communications