As if dealing with the direct effects of a global pandemic wasn’t difficult enough, over the past year many individuals, businesses and public bodies have found themselves suffering with a different kind of infection: ransomware.
When COVID-19 restrictions forced millions of people to work from home for the first time, many employers had to make hasty provision for remote working and cybercriminals have been only too happy to exploit the inevitable vulnerabilities that occurred.
The bigger the business, the greater the incentive to attack
Hardly a day goes by without a fresh media story about some organization that has been brought to a halt by a ransomware attack. From the Irish national health service to Colonial, one of America’s largest fuel pipeline companies, and the city of Tulsa, Oklahoma. That’s just a small snapshot of the major breaches reported during the single month of May.
There have been further high-profile examples in June such as the attack on the U.S. information technology firm Kaseya, affecting between 800 and 1,500 businesses around the world and the attack on JBS Foods, one of the world’s largest food companies with where it had to pay $11 million in ransom. And there’s no telling how many more cases are going unreported because the victims pay heavily to prevent their brand being associated with a breach. Interpol’s COVID-19 Cybercrime Analysis Report found more than a third of member countries reported a significant rise in malware and ransomware attacks during the pandemic. It also warned of a major shift in global ransomware activity, away from individual victims and towards bigger targets where there’s more money to be made. Not only are companies made to pay heavily to bring their businesses back online, but they may also subsequently be forced to pay again to prevent the release of sensitive information that was stolen during the initial attack.
Home is where the hackers are
Research by Kaspersky goes some way to revealing how the cybercriminals are more able to achieve these aims during this time of enforced remote working, revealing a 242% year-on-year increase in attacks on Remote Desktop Protocol (RDP) and collaboration tools, with 3.3 billion attacks detected between January and November 2020. Meanwhile phishing attacks are also proving fertile ground for attackers seeking to use remote workers as a route into their employer’s network. Barracuda Networks detected a 667% spike in this kind of attack during the early days of the pandemic, and there’s evidence to suggest we’re all more susceptible to making security mistakes when working from home and/or under stress.
Delivering better broadband in the home working era
Back in April 2020, I blogged about a future in which companies might dictate which ISPs their staff could use when home working to ensure the network remained secure. Perhaps the faster and more effective alternative is for businesses to provide their own layer of security that works in any home, regardless of the security measures employed by the household’s own ISP.
This means that while ransomware is a big problem for everyone, for ISPs it can also be an opportunity. A chance to provide new solutions for their business customers that ease the burden of securing their network against home working related vulnerabilities.
By offering business customers a security and wi-fi management solution like Irdeto’s Trusted Home, the ISP meets three customer needs in one. It provides a valuable shield against malware and ransomware infections, at the same time as it improves connectivity for those all-important video calls and reduces the need for employees to call their employer’s IT helpdesk with issues that are entirely related to their home broadband connection.
So how would it work? The ISP supplies their business customer with ready-to-deploy Mesh Wi-Fi hardware with pre-installed Trusted Home software. These small devices are easy to deploy in each employee’s home alongside their existing home broadband – no matter who provides the household’s broadband and with no requirement for the employee to have special technical skills. The employee then connects all their business devices to this new Mesh network but may continue to use their regular Wi-Fi network for personal devices like games consoles. The employee then connects all their business devices to this new Mesh network but may continue to use their regular Wi-Fi network for personal devices like games consoles.
The employee has access to the Trusted Home app (on iOS or Android) which gives them useful security tips and will alert them when it has automatically blocked installation of any known malware (including malicious software used in ransomware attacks) that’s highlighted in Irdeto’s constantly updated threat database. It will also prevent dormant malware already in the home from contacting its source servers when hackers try to activate it.
Furthermore, the app provides useful support to improve Wi-Fi connectivity which should reduce interruptions to home-working and related calls to the employer’s helpdesk. And, of course, the very presence of a mesh Wi-Fi solution also means added value for the employee in terms of an all-round better connected experience and the freedom to work from more places around the home.
A security solution for the future of home working
Many corporations – large and small – have already confirmed home working will be a regular feature for their employees from now on. It makes sense for companies to find a long-term solution to the vulnerabilities of home working, and who better to supply it than their ISPs?
Ransomware is big business, which means it’s not a threat that will end any time soon. Home working is also not going away despite the success of global vaccination programs and tentative moves to reopen society. It’s clear many of us will never fully return to the “old normal” of full-time office work.