Remote work is here for the long run, and as businesses adapt to the new normal, hackers are also adjusting to – and taking advantage of – this new status quo. The COVID-19 pandemic has changed the way we work by transitioning most of the workforce to be remote and turning our homes into offices. This shift has seen hackers and cybercriminals modify their approach and adapt their hacking methods accordingly.
The combination of rapid cloud adoption, BYOD, and remote work have opened the door to new breaches and hacks. This requires organizations to transform their defensive playbooks and to better understand how hackers are utilizing the crisis for data theft. Recognizing how criminal business models have evolved is key to protecting our data and resources in the present.
In early September, security researcher and “friendly hacker” Keren Elazari joined Sivan Tehila, Director of Solution Architecture at Perimeter 81, in a discussion about the evolution of security threats and cyber crime in our new remote work era. From Zoom bombing to account takeovers, access mining and phishing, Keren and Sivan shed light on emerging security threats and shared practical ideas on how to build a more secure future for your organization.
Watch the webinar on-demand:
What new security threats and trends have developed over the past 5 months of working remotely?
Keren kicked off the discussion by explaining that during the pandemic, criminals have amped up their activity. During the pandemic, we saw how adaptable hackers really are. Once a specific region was hit with COVID-19, cybercriminals hit those areas with phishing, malicious emails, contact tracing apps, etc. They have been following the pandemic and capitalizing on it. Keren also discussed access mining, AWS mining, malware, ransomware, island hopping, and more developing trends. Sivan followed up with examples from current events and trends from the industry. During the pandemic, more organizations have been adopting cloud-based solutions and rethinking their business continuity plan, especially healthcare and educational organizations that have been a hot target for hackers during the pandemic.
What are some things that we should understand about the way a hacker’s mind works?
Keren discussed how hackers are curious and constantly striving to find ways to use tools and processes in an unexpected way. For years, hackers have been “living off the land” and utilizing resources that they access in order to exploit them, especially during the pandemic. Keren gave examples of opportunities from within an organization that hackers leverage for their advantage. Additionally, hackers are finding ways to have more interaction with their targets in order to craft their attacks.
Now that home is the new office, what does this mean for IT Managers, organizations, and employees?
In our new normal, the responsibility to secure our networks falls on all employees as well. Sivan explained that IT Managers must have a strategy in place in order to deal with the challenges of remote work, as well as make adjustments to their security training in order to find a balance between realistic security requirements from employees and the appropriate enforcement of policies. Attackers are becoming more sophisticated but when we use different layers of security, we can help protect our data and networks. IT Managers should adopt unified solutions that give them control and visibility of their network and users in one place, in order to simplify managing employees remotely.
How has the rushed adoption of cloud computing and storage brought about more ways to exploit network vulnerabilities?
Continuing from the previous question, Sivan discussed dark data and a lack of awareness of where remote employees are storing their data. When moving to use cloud-based infrastructure, it is important to map out assets and prioritize security goals based on this map. When using the cloud, we use more applications and remote protocols in order to access data, so we must manage this remote access with the correct encryptions and protocols in order to avoid hackers exploiting our networks.
Keren expounded on how the land has expanded for cybercriminals – infinite computing power that they can leverage. When working from home, there are additional devices that we are using and that are additional entry points for hackers. After providing some recent examples of vulnerabilities in existing systems, Keren explained how criminals are aware of the way we are using various tools and software.
Moving forward, how should organizations set up a business continuity strategy for cybersecurity?
For the final question, Keren discussed multi-factor authentication and the need to eradicate passwords. We can take this pandemic as an opportunity to improve our security posture and throw old practices, such as passwords, out the window and to move on to more modern and more secure technologies. Sivan added the importance of going back to the basics and asking ourselves what type of adjustments we need to apply – how we identify a threat, how we protect our networks, and what new layers of security we need to adopt in this day and age. In the past when we used to protect the perimeter, now we have to protect not only outside but inside the network as well with micro-segmentation and different security layers.
After an exciting discussion with insights, examples, and tips, the panelists moved on to answer questions from the audience. If you were unable to tune in live but still would like to address questions to the speakers, feel free to reach out to us on LinkedIn, Twitter, or Facebook.
About the Speakers
Keren Elazari is an internationally recognized security analyst, author and researcher. In 2014, Keren became the first Israeli woman to speak at the prestigious TED Conference. Keren holds a CISSP certification and a Masters in Security Studies, and is currently a senior researcher at the Interdisciplinary Cyber Research Center at Tel Aviv University. Keren is the founder of Israel’s largest security community, BSidesTLV, part of the global SecurityBSides movement, and the Leading Cyber Ladies global professional network for Women in Cyber Security.
Sivan Tehila is the Director of Solution Architecture at Perimeter 81. Sivan is a cybersecurity expert with over 13 years of experience in the industry, having served in the IDF as an Intelligence Officer and then in various field positions including Information Security Officer and a cybersecurity consultant. For the past two years, Sivan has dedicated herself to promoting women in cybersecurity and founded the Leading Cyber Ladies community in NYC.