Remote Working Burnout a Factor in Security Risk
Human error is one of the largest threats to the cybersecurity of an organization. As remote work continues due to the COVID-19 pandemic, Canadian workers are reporting burnout, which can lead to more cybersecurity errors. According to Microsoft’s recent World Trend Index, Canadians are “trending more toward burnout” during the workday, with 47 per cent feeling exhausted versus 39 per cent globally, and 51 per cent feeling stressed versus 42 per cent globally.
When organizations first transitioned to remote work at the start of the pandemic, security and IT teams tended to focus on protecting hastily installed remote work support systems. However, a year later, as systems become more secure, the risk for human error is more of a threat than ever.
Increase in Stress and Distractions
In its Psychology of Human Error report, security firm Tessian found that stress, distraction and workplace disruption led to people making mistakes at work. In fact, 43 per cent of employees reported that they had made mistakes resulting in cybersecurity repercussions for themselves or their company while stressed or distracted.
Increase in Scams
According to a recent report by non-profit Anti-Phishing Working Group (APWG), there has been an increase in online phishing attacks targeting webmail and other cloud-based services since the start of the COVID-19 pandemic. Cybersecurity experts have warned that remote workers are particularly vulnerable to phishing scams.
Increase in Demands
When remote workers are distracted, stressed or suffering from burnout, the cost can be detrimental to organizations. The average ransom demand in Canada has increased by 33 per cent since late 2019, to a current average of $111,605. As online fraud and attempts to steal personal, financial and corporate information continue, it’s more important that ever for organizations to increase cybersecurity awareness and address employee burnout.
Overcoming Cyber Threats in a 5G World
As the fifth generation (5G) mobile network becomes increasingly accessible, cybersecurity risks also increase. While 5G has many benefits—including more reliability, massive network capacity and improved efficiency—the increased connectivity also allows for more cybersecurity threats that could greatly impact society.
There are several moving parts to navigate when it comes to cybersecurity in a 5G world, and authorities must protect not only 5G infrastructure and services, but also the applications and internet of things (IoT) devices that run across 5G rails. The following are reasons why this more complex system of technologies and operations is susceptible to cyber risks:
- 5G connects the virtual and real world – The convergence of the virtual and real world exposes new points of attack for cybercriminals and leads to challenges in cybersecurity management.
- 5G is linked through an application programming interface (API) – 5G utilizes APIs to communicate between service functions. If an API is insecure, it can expose core services to cybercriminals and place the entire network at risk.
- 5G is linked with enterprise, industrial and IoT services – Since 5G will include advanced enterprise, industrial and IoT services, cyber risks are no longer limited to network providers and users; they also extend to much larger systems.
In order to make the most of this technology, it’s imperative that policymakers work with the private sector to implement effective 5G prevention and control measures. These can include:
- Adopting zero-trust frameworks – Zero-trust frameworks ensure that all 5G network activity is secure. This framework limits access to and regulates all interactions, partitions assets through small segments and regularly monitors security systems.
- Verify supply chain security – Recent major cyberattacks make it evident that supply chains are primary targets for hackers. Trustworthy components and vendors must make up the foundation for 5G cybersecurity.
- Preventive security controls – Regulators can utilize machine learning capabilities and AI to focus on preventive security controls by periodically monitoring physical devices that are connected to 5G networks, and responding to actions.
Contact The Hull Group today to learn more about protecting your organization against 5G threats.
The Dangers of Spear Phishing
While regular phishing campaigns go after large numbers of relatively low-yield targets, spear phishing scams are aimed at specific targets and utilize specially crafted emails for their intended victims. Spear phishing cybercriminals often make use of background information in order to create a credible narrative. They can utilize information found on social media to decide who is best to both target and impersonate.
Spear phishing threats are built by cybercriminals with the goal of penetrating one organization. There are several dangers, including:
- Stealing sensitive information or valuable intellectual information
- Compromising payment systems
- Hijacking processes for a small number of large payouts via a bank transfer or series of bank transfers
As spear phishing campaigns become more sophisticated, malicious documents are now housed on legitimate sites such as Box, Dropbox, OneDrive or Google Drive, as threat actors know these are unlikely to be blocked by IT.
Spam filters, malware detection and antivirus software can be utilized alongside phishing simulation tests and user education to mitigate spear phishing campaigns.