Few organizations were prepared in March 2020 when the pandemic lockdowns caused the number of employees working from home (WFH) to surge from 9% to 77% in a matter of weeks. The transition to remote work was so sudden and unexpected, employers were forced to support employee-owned devices whether they had strategies in place to do so or not.
The attack surface expanded exponentially as new routers, smartphones, mobile devices, and personal PCs began carrying company data. Virtual private network (VPN) and virtual desktop infrastructure (VDI) solutions were hurriedly deployed to provide remote employees with secure access to enterprise resources. Unfortunately, lightweight bring-your-own-device (BYOD) strategies, VPN security issues, and VDI vulnerabilities were soon being exploited successfully by crafty adversaries.
Shell-shocked workers were besieged by coronavirus-themed scams promising financial assistance, healthcare information, and free coronavirus test kits. Government agencies were compromised, including an attack on Washington State’s Employment Security Department that netted attackers an estimated $243 million from fraudulent claims. Even children and their schools weren’t spared. In December, the Cybersecurity and Infrastructure Security Agency reported that the percentage of ransomware incidents targeting K-12 schools had more than doubled in 2020.
In its 2021 Threat Report, BlackBerry shares the hard lessons learned from these initial emergency response measures, and the steps organizations should now be taking to transition to a long-term WFH strategy that is more efficient, effective, and sustainable. Chief among them is the adoption of a Zero Trust framework for remote workers and BYOD devices that are resilient against the tactics, techniques, and procedures adversaries will be employing during current and future times of crisis.
More: Learn more and download a copy of the BlackBerry 2021 Threat Report.