Looking back on 2020, we can honestly say it was a year like no other. We faced wildfires, hurricanes, a raucous election season and, of course, a pandemic that forced millions of people to work, socialize and attend school from home. For cybersecurity teams, 2020 presented a unique challenge. How do you continue to offer defenses for networks and data when users are forced to work remotely?
Here are the big cybersecurity trends and cloud computing security changes we noted in 2020.
Increased Attacks
C-suite executives reported a 90% increase in cyberattacks after workers went remote, according to a study from Tanium, and 98% say they saw a rise in security challenges in the first two months of the work-from-home period. In addition, 70% say they are increasing their focus on remote cybersecurity. They listed their number one goal as knowing all endpoints connected to the network.
“The almost overnight transition to remote work forced changes for which many organizations were unprepared,” says Tanium’s Chief Information Security Officer Chris Hodson in a statement.
It wasn’t simply a matter of people being unprepared for this exodus from on site to work from home. It was also about thinking too highly of how standard security measures would work, and thinking too low of the most simple cybersecurity best practices.
Reliance on VPNs
When employers first sent workers home in March, IT teams scrambled to find virtual private networks (VPNs) to make sure employees were accessing the network through secure connections. VPNs issued by employers are designed to encrypt data as it transmits between two different networks, and have oversight from the IT and security teams. Some work requires high levels of security and encryption of sensitive data, but mostly, IT teams (rightfully) question how well consumer providers secure home connections and personal devices.
However, VPNs can have issues, just like any device connected to the internet. VPNs aren’t held to the same level of patching and updates as other devices. So, openings in the software can let in threat actors who know that once past the VPN gateway they have full access to the network. Another risk of VPNs is free software versions that people download at home, thinking that VPN means they’re safe by default. Unfortunately, some free versions, especially those downloaded from lesser-known sources, have had malware installed or don’t offer full encryption. Paid versions are a better option, but they won’t offer the same level of defense as a physical VPN device. And again, even those aren’t foolproof.
Issues in Cloud Computing Security
Cloud computing made remote work easier for a lot of employers. Workers had ready access to files and data. Work could go forward with few disruptions (at least from a tech standpoint). However, they don’t always factor the risks into the ease of cloud computing.
The Cloud Security Alliance listed cloud security threats, such as data breaches, misconfigured cloud controls, inefficient identity and access management and poor cloud security strategy and architecture a month before the shutdown happened. Those security problems didn’t go away with remote work. In fact, they became more difficult to manage as IT teams struggled to understand the new data traffic patterns and the multitude of new devices accessing cloud services. Gartner recommended organizations do more to improve their cloud security posture. This could include adding better controls across software-as-a-service systems and improving access identifiers.
From Phishing to Spearphishing
Cybersecurity experts addressing the audience for Exabeam Spotlight20 in a keynote address said they expected to see an increase in phishing attacks. And that’s what happened. Some attackers sent such poorly constructed phishing emails focused on COVID-19 that it was pretty easy to dismiss them as spam. But then came the surprise — well-targeted and well-written spearphishing attacks, sent to managers. These attacks hijacked clients’ and vendors’ real accounts, which the thieves had acquired in a data breach, and included financial transfer requests. Cybersecurity teams were ready for one type of phishing attack, but got hit with something more refined than they expected.
Cybersecurity Awareness Training for Cloud Computing Security
Because cybersecurity teams knew the risks of phishing attacks, they put greater emphasis on awareness training. Numerous vendors, and certification bodies developed training programs geared toward remote workers. This effort to reinforce awareness appears to be working. The Identity Theft Resource Center reports a 30% decrease in data breaches in a year-to-date comparison between 2020 and 2019.
Using Multifactor Authentication
The industry is giving new attention to multifactor authentication (MFA), which is used to access networks, data and devices. It is predicted that the MFA market will grow by $11 billion as a direct result of the remote workforce. Many companies already require some type of MFA already, often a password and token or password and biometric, and some compliances like PCI-DSS require MFA. But, many users try to find a way around the second factor.
Many experts believe MFA is the best way to protect the entity from phishing attacks. Even if the threat actor snares credentials, they stall behind a second gate. Requiring all cloud computing access to use MFA will step up cloud security efforts. It is a simple, yet often bypassed, defense. In today’s world, security teams see this as a way to remotely monitor work-from-home behavior.
While the pandemic highlighted the struggles of remote work en masse, the natural disasters of 2020 remind us that workers may have to work off-site for all types of reasons. Adapting cybersecurity for remote work and cloud computing security on previously unseen levels — the challenges and the successes — was one of the most important technology stories of the year.