Hacker Opportunities Have Skyrocketed: Protect YourselfHacker Opportunities Have Skyrocketed: Protect Yourself

Work-from-home (WFH) requirements have created more cybersecurity threats for nearly all organizations across any vertical market. Criminals are using COVID-19 as an opportunity to exploit this global crisis. Easy to guess passwords, family-sharing devices, and bandwidth-hogging applications have increased the risk of malware, ransomware, and other cyberattacks. Security experts are warning organizations that hackers are targeting employees doing business from their remote workplaces by employing techniques such as scam emails that mimic videoconference invitations, but instead steal network credentials or spoof remotely located executives to access questionable websites.

WFH Statistics

According to a June 2020 study by the National Bureau of Economic Research, about half the U.S. workforce is working remotely. While reading a Wall Street Journal (WSJ) article, “Companies Battle another Pandemic: Skyrocketing Hacking Attempts,” I found the following statistics surrounding these remote employees worth sharing.

Hacker Traffic Growth

In the same study, the FBI had received around 320,000 complaints of Internet crime as of May 28, nearly double the rate for 2019. The United States Secret Service expects $30+ billion in stimulus funds will end up getting stolen through scams. U.S. and European intelligence agencies warn that companies are prime targets for government-sponsored hackers going after corporate secrets. Nasdaq Inc. observed email traffic growth of 35% after most of its 4,500 employees started to WFH in March 2020. Kraft-Heinz reported an increase of 10% to 15% in attempted email attacks.

Hackers are employing new tactics, such as making fraudulent phone calls to a company’s support center. They imitate employees or suppliers and gather any information that could help launch more sophisticated attacks. Other hackers call the help desk and pretend to be an employee locked out of their account or a supplier who needs to confirm account credentials before they can process a payment.

Coping with WFH Security

We can’t predict how long the pandemic will last, but WFH isn’t going away. It’s assured that some employees will stay home and not return to the office, where security is better. One company provided its customer-support agents with laptops and software that can detect suspicious activity that may expose sensitive information or offer hackers a way into the computer network.

About 50% of security attacks are key attributes of human errors and negligence. The WSJ article also reported that 29% of remote workers allow family members to use their work laptops for online shopping and gaming, which is dangerous and foolish. The rest of the family doesn’t realize what security requirements the company has. Family members often don’t think about the security implications of opening suspicious emails, free downloads, and social media interactions.

Organizations must train employees to better reduce and eliminate the family members’ use of the computer. My suggestion is to keep your work passwords protected where friends or family can’t access them.

Some other recommendations to improve security at home:

Reducing attack success during the pandemic has reinforced a basic security lesson—the employee is the first line of defense against cyber intrusions. However, if a hacker tries to infiltrate a company’s systems, it’s up to the employee to be the strongest, not the weakest link.