Global health events in 2020 have accelerated a trend. Office workers are working from home more frequently. This is great for many reasons. Companies can save money on office space. People are often more productive in the environment they’re most comfortable in, their homes. Rush hour can be mitigated with fewer cars on the road.
It’s a weird time to be alive. Millions of people globally are living under government lockdowns, as we collectively endure the COVID-19 pandemic. COVID-19 has brought to light some fundamental truths about humanity, including our deep-seated need for social interactions. It has also highlighted how reliant we are on critical infrastructure like our healthcare systems and internet connections, both of which are currently strained.
Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Malicious network traffic from foreign IPs was observed trying to establish communication to a compromised internal system.
Innovations in technology have been a prime agent for disruption throughout much of human history. Advancements in materials science gave English archers, with their superior longbows, the advantage over the French in many conflicts during the Hundred Years War; such as the Battle of Agincourt. In the late 2000’s, the music industry was forced to reinvent itself in the face of changing consumer consumption models as a result of technological advancements or become irrelevant.
Unsplash The COVID-19 pandemic sweeping the globe has effectively put a stop to the bulk of face-to-face interactions. With social distancing and shelter in place orders in effect, people are stuck at home and relying on the Internet as not only a tool for communication and entertainment but as their only way to earn money during this hectic and uncertain time.
A recent attack on a hospital in Brno, Czech Republic (a COVID-19 testing center)ehowed the extent to which weaknesses in a health center’s cybersecurity system can endanger the lives of patients. During this attack, patients had to be redirected to other hospitals and vital surgeries were postponed - all during a time in which vital testing needed to be carried out and releases needed to be sped up. A study published in the journal Technological Health Care by CS Kruse et al.
The most critical element in combating malicious attempts on technology today is visibility. When considering the sheer amount of various cloud, firewall, IDS/IPS, anti-virus, etc. offerings, integrations are a necessity to enable effective security.
In recent years, many businesses had already begun planning for a gradual shift towards an increasingly remote workforce, yet fewer had implemented a mobile-first strategy, and some were still formulating strategies. At a gradual pace, IT administrators could handle a small percentage of remote workers and saw the management features of device enrollment programs and network security measures as enough to manage a few remote devices and cyber risks.
According to the Pew Research Center, last year, roughly seven percent of U.S. workers regularly enjoyed the option of working from home. Well accustomed to the nature of remote work, these individuals were equipped with stable internet connections, collaboration and communication tools, and security technologies that helped them excel from their home offices.
As if there wasn’t enough to worry about these days, cyber attacks have taken a sharp uptick since the COVID-19 pandemic began this year. From January to March, AT&T Alien Labs Open Threat Exchange (OTX) saw 419,643 indicators of compromise (IOC) related to COVID-19, including a 2,000% month-over-month increase from February to March. Cybercriminals are taking advantage of the shift to remote working, increasing their volume of attacks by nearly 40% in the last month.
