Flattening the curve on Cybercrime Stellenbosch Business School Skip to main content
Flattening-the-curve-on-Cybercrime
Dr Martin Butler, Senior Lecturer in Digital Transformation at USB warns against digital vulnerability and how to flatten the curve on cyber

The COVID-19 global pandemic forcing millions of office workers to become remote workers has created a “perfect tsunami” for cyber criminals seeking to exploit the crisis and penetrate corporate defences via unsecured home networks.

Unprecedented digital dependency has created unprecedented vulnerability, and an increase in malicious attempts to exploit the mass shift to online platforms for remote working, with South Africa experiencing a ten-fold spike in network attacks in mid-March[i] when much of the country moved to working from home.

…companies should ensure that the “digital equivalent of handwashing, face masks, social distancing and decontamination” is being implemented by their now-remote workforce.

 
Dr Martin Butler, Senior Lecturer in Digital Transformation at USB warns against digital vulnerability and how to flatten the curve on cybercrime.

The COVID-19 global pandemic forcing millions of office workers to become remote workers has created a “perfect tsunami” for cyber criminals seeking to exploit the crisis and penetrate corporate defences via unsecured home networks.

Unprecedented digital dependency has created unprecedented vulnerability, and an increase in malicious attempts to exploit the mass shift to online platforms for remote working, with South Africa experiencing a ten-fold spike in network attacks in mid-March[i] when much of the country moved to working from home.

…companies should ensure that the “digital equivalent of handwashing, face masks, social distancing and decontamination” is being implemented by their now-remote workforce.

Dr Martin Butler, Senior Lecturer in Digital Transformation at the University of Stellenbosch Business School (USB) says companies should ensure that the “digital equivalent of handwashing, face masks, social distancing and decontamination” is being implemented by their now-remote workforce.

Cybersecurity provider Kaspersky reported a spike in South Africa in devices affected by cyberattacks, from the norm of under 30 000 daily to 310 000 on 18 March1, and “extremely high levels of cyber exploits since – similar to reports from across the cybersecurity industry and across the world”, he said.

The World Economic Forum (WEF) said this week (1 April 2020) that the rise in cybercriminal activity seeking to exploit the COVID-19 crisis made cybersecurity “critical to collective resilience” in the face of the pandemic’s impact on the global economy.[ii]

Butler said the risk of “brute force attacks” – in which cybercriminals attempt various password combinations to gain access to corporate systems via individual user accounts – remained high and, with compromised credentials responsible for over 80% of breaches2, businesses need to implement encrypted communication such as Virtual Private Networks (VPNs) now more than ever.

“Ensuring company policies are applied on the corporate laptop that shares a home network with multiple devices such as mobile phones, is not sufficient,” he said. It is also important to make employees aware of the risk inherent in using home networks where other devices could be compromised. They should ensure the routers and other WiFi connected devices like printers and smartphones are also secured.

Cybersecurity company Cynet[iii] has identified two main trends in the coronavirus-linked information security breaches – attacks aimed at stealing remote user credentials, and weaponised email attacks such as phishing and malware that may not be picked up by home email software.

With most work-from-home employees using online collaboration and video conferencing software, Butler warned that some of these systems are not yet integrated into corporate single-sign-on systems or thoroughly tested and embedded in safe remote environments. Employees need to sign out of video conferencing platforms like Zoom and Skype when not using it actively.

 They can attack devices on unsecured home networks, mostly running outdated software or unsecure hardware…

“The significant amount of people working from home and often using new collaboration platforms like Slack, Zoom, Skype and Teams creates a perfect tsunami for cybercriminals. They can attack devices on unsecured home networks, mostly running outdated software or unsecure hardware, or exploit employees who are using relatively new systems at the extreme of their comfort levels.

“For cybercriminals it is the perfect time to get a malware link to the anxious, and not very tech-savvy, end user wanting to know the latest COVID-19 news and information. One ill-informed action may be all that is required for ransomware to penetrate corporate defences from remote locations,” he said.

While highly secure corporate networks should be able to prohibit or at least identify unauthorised activities to ensure that data assets remain protected and services are uninterrupted, home-based WiFi networks and 4G connections don’t have the benefit of corporate security policies and technologies.

“Although it is in principle possible to secure these distributed onramps to the internet that have become central in the work-from-home context, protection of them is now the responsibility of each individual user and not corporate IT – and therein lies the danger,” Butler said.

In addition to using encrypted communication such as a VPN, Butler recommended that remote workers take precautions including:

  • Using secure and complex passwords.
  • Never sharing or recording passwords in any format.
  • Ensuring that all home equipment’s software is secure and up to date.
  • Make sure you use the highest level of encryption possible on your home network.
  • Not replying to or clicking on links in phishing emails or messages.
  • Be on the alert for COVID-19 scam emails.
  • Ignore and delete WhatsApp messages with unknown links (especially from unknown senders).
  • Take extreme care when connecting to unsecured networks.
  • Signing out of video conferencing platforms when not using them actively.

Cybersecurity expert and futurist Dr Rianne van Vuuren, a PhD Future Studies graduate from the USB, advised that IT managers promote cybersecurity by:

  • Ensuring that a full-service internet security suite is used by all employees.
  • Regular updates of all software, which could save a company from significant future losses if such vulnerabilities are exploited by cyber-criminals.
  • Keeping up to date on major cybersecurity breaches in order to proactively ensure that potential vulnerabilities in their networks are secured.
  • Developing a risk model as well as a disaster recovery plan with the necessary backups – “this would be a lifesaver in case of catastrophe”.

Butler said where corporate IT polices on using company assets off-site used to focus on physically securing devices, and losing a device was a nuisance – “today, losing control over a device and thus enabling remote access to company systems and data, could be disastrous”.


[i] https://mybroadband.co.za/news/internet-of-things/344479-massive-increase-in-south-african-network-attacks.html

[ii] https://www.weforum.org/agenda/2020/04/covid-19-is-a-reminder-that-its-time-to-get-rid-of-passwords/

[iii] https://threatpost.com/cynet-the-coronavirus-is-already-taking-effect-on-cyber-security-this-is-how-cisos-should-prepare/153758/

 

Subscribe

Want to stay in touch with the Stellenbosch Business School community? Sign up and receive newsletters from our desk to your inbox.

SIGN UP