Pandemic leading to ‘ticking time bomb’ for cybersecurity

Most IT teams believe that working from home has become a “ticking time bomb” that might lead to a corporate network breach, according to a recent survey from HP Inc.

The HP Wolf Security Rebellions & Rejections report, released Sept. 9, found that 83% of IT teams surveyed believed that the increase in home working has become a ticking time bomb. The finding was based on a Toluna survey 1,100 IT decision-makers in Canada, the United States, United Kingdom, Mexico, Germany, Australia and Japan.

This finding was in line with a survey from global cybersecurity company Trend Micro that found 84% of North American companies polled expect a data breach of customer records within the next 12 months compared to 74% last year. More than 3,600 businesses of all sizes and industries were polled across North America, Latin America, Europe and the Asia-Pacific region in the first half of 2021. Among the four regions, North America had the highest risk level.

“This was due to North America having a lower perceived readiness than the other regions,” said Trend Micro’s biannual Cyber Risk Index report, produced by the Ponemon Institute and released in early August.

When asked about the type and significance of threats that businesses are now facing, 84% of IT teams in HP’s report saw ransomware as representing a significant or very significant risk. Other threats posed included:

• Unpatched vulnerabilities and firmware attacks on laptops (83%)
• Data leakage (82%)
• Account/device takeover (81%)
• Targeted attacks and man-in-the-middle attacks (for example, active eavesdropping, 81%)
• Internet of Things threats (79%)
• Targeted attacks (77%)
• Firmware attacks against printers (76%).

“Ransomware remained the standout threat in the first half of the year as cybercriminals continued to target big-name victims. Working with third parties to gain access to targeted networks, they used advanced persistent threat tools and techniques to steal and encrypt victims’ data,” Trend Micro said in a press release Sept. 14, when it released its report, Attacks from All Angles: 2021 Midyear Cybersecurity Report. “The banking industry was disproportionately affected, experiencing a 1,318% year-on-year increase in ransomware attacks.”

The global report (including Canada) from Trend Micro revealed that the company blocked 40.9 billion email threats, malicious files and malicious URLs for customers in the first half of 2021, a 47% year-on-year increase.

But despite the increasing level of threat, 76% of IT teams polled by HP felt security had been forced to take a backseat to business continuity during the pandemic.

“The same percentage felt they’re in a no-win situation where they’re being told to lock down security while being pressured to create shortcuts to enable innovation,” HP said in its Rebellions & Rejections report. “And almost all (91%) felt pressured to compromise security if it benefitted business continuity, including 50% who described that as ‘significant’ pressure.”

And while the idea that there is friction between employees and IT teams is not new, “these issues have been exacerbated by the pandemic, which has frayed relationships further and amplified the problem.”

Feature image by iStock.com/Atstock Productions