Cybersecurity Breaches Hit 20% of WFH Setups During Pandemic

Software provider Malwarebytes reports massive gaps in cybersecurity as employees work from home, creating new opportunity for integrators.


The coronavirus COVID-19 pandemic has opened up yet another big opportunity for custom integration companies: cybersecurity specialization for your clients. As many integrators get called by their clients to upgrade home networks due to increased work from home scenarios, they may be missing an opportunity to offer a broader cybersecurity solution as part of the network deployment.

That opportunity has arisen because work from home setups are a breeding ground for cybersecurity breaches, according to a new study from software provider Malwarebytes. Indeed, the main target for many of the breaches appear to be teleconferencing cameras, which have become so prevalent today.

The company’s report, “Enduring from Home: COVID-19’s Impact on Business Security,” surveyed 200 IT and cybersecurity decision makers from small businesses to large enterprises  unearthed new security concerns in remote work environments.

The data showed that since organizations moved to a work from home (WFH) model, the potential for cyberattacks and breaches has increased. In fact, since the start of the pandemic, 20% of respondents said they faced a security breach as a result of a remote worker. This in turn led to higher costs, with 24% of respondents saying they paid unexpected expenses to address a cybersecurity breach or malware attack following shelter-in-place orders.

In addition, 28% of respondents admitted they’re using personal devices for work-related activities more than their work-issued devices, which could create new opportunities for cyberattacks. This figure becomes more problematic next to another survey result, which indicated that 61% of respondents’ organizations did not urge employees to use antivirus solutions on their personal devices.

“Our fundamental shift to working remotely has dramatically underscored the need for comprehensive security, as well as IT guidance and training to avoid breaches. Many organizations failed to understand the gaps in their cybersecurity plans when transitioning to a remote workforce, experiencing a breach as a result,” said Marcin Kleczynski, CEO and co-founder of Malwarebytes.

“The use of more, often unauthorized, devices has exposed the critical need for not just a complete, layered security stack, but new policies to address work from home environments. Businesses have never been more at risk and hackers are taking notice.”

AveMaria Malware Attacks Up 1,289%

On the threat landscape, Malwarebytes observed that cybercriminals have adapted to take advantage of improperly secured corporate VPNs, cloud-based services, and business email—all which could be used for infiltration of corporate assets. There has also been a surge in phishing emails that use COVID-19 as a lure to cover up malicious activity.

These emails contain commercial malware, such as AveMaria and NetWiredRC, which allow for remote desktop access, webcam control, password theft and more. Malwarebytes data showed that AveMaria saw a bump of 1,219% from January to April 2020, an enormous increase from 2019. According to Malwarebytes telemetry, AveMaria mostly targeted large enterprise businesses. Similarly, NetWiredRC observed a 99% increase in detections from January to June, primarily targeting small- and medium-sized organizations.

“Threat actors are adapting quickly as the landscape shifts to find new ways to capitalize on the remote workforce,” said Adam Kujawa, director at Malwarebytes Labs. “We saw a substantial increase in the use of cloud and collaboration tools, paired with concerns about the security of these tools. This tells us that we need to closely evaluate cybersecurity in relation to these tools, as well as the vulnerabilities of working in dispersed environments, in order to mitigate threats more effectively.”

Despite this, companies appear to have a high level of confidence about the transition to working from home, with roughly three quarters (73.2%) of those surveyed giving their organizations a score of 7 or above on preparedness for the transition to WFH. A majority of companies with less than 700 employees (84.1%) moved more than half of their workforce, but not all (61% to 80%). On the other hand, companies with at least 700 employees opted to move almost all their workforce home (81% to 100%).

In the wake of this shift, 45% of respondents’ organizations did not perform security and online privacy analyses of software tools deemed necessary for WFH collaboration. And frightfully, while 61% of respondents’ organizations provided work-issued devices to employees as needed, 65% of respondents’ organizations did not deploy a new antivirus solution for those same devices.

About the Author

Jason Knott
Jason Knott:

Jason Knott is Chief Content Officer for Emerald's Connected Brands. Jason has covered low-voltage electronics as an editor since 1990, serving as editor and publisher of Security Sales & Integration. He joined CE Pro in 2000 and serves as Editor-in-Chief of that brand. He served as chairman of the Security Industry Association’s Education Committee from 2000-2004 and sat on the board of that association from 1998-2002. He is also a former board member of the Alarm Industry Research and Educational Foundation. He has been a member of the CEDIA Business Working Group since 2010. Jason graduated from the University of Southern California.