Hey Habr! Today we want to sum up a little the IT changes in companies that have occurred as a result of the coronavirus pandemic. Over the summer, we conducted a large survey among IT managers and remote workers. And today we are sharing the results with you. Under the cut - information about the main problems of information security, growing threats and methods of combating cybercriminals during the general transition to remote work by organizations.
Today, in one way or another, every company operates in a new environment. Some employees (including those who were completely unprepared for this) were transferred to remote work. And many IT people had to organize work in new conditions, and without the necessary tools for this. To find out how it all panned out, we at Acronis conducted a survey of 3 IT managers and remote workers in 400 countries. For each country, 17% of survey participants were members of corporate IT teams, while the remaining 50% were employees who were forced to work remotely. To make the picture more general, the respondents were invited from different sectors - public and private structures. You can read the study in full , but for now we will focus on the most interesting conclusions.
Pandemic is expensive!
The survey results showed that 92,3% of companies were forced to use new technologies to transfer employees to remote work during the pandemic. And in many cases, not only a new subscription was required, but also the costs of implementing, integrating and securing new systems.
Among the most popular solutions that have expanded the list of corporate IT systems:
-
For 69% of companies, these were collaboration tools (Zoom, Webex, Microsoft Teams, etc.), as well as corporate systems for working with shared files
-
38% added privacy solutions (VPN, encryption)
-
24% expanded security systems for endpoints (antivirus, 2FA, vulnerability assessment, patch management)
At the same time, 72% of organizations noted a direct increase in IT costs during the pandemic. For 27%, IT spending increased significantly, and only one in five companies were able to reallocate their budget while keeping IT spending unchanged. Of all the companies that took part in the survey, only 8% reported a decrease in the cost of their IT infrastructure, which is likely due to large-scale layoffs. After all, the fewer endpoints, the lower the cost of maintaining the entire infrastructure.
And only 13% of all remote workers globally reported not using anything new. They were mainly employees of companies from Japan and Bulgaria.
More attacks on communications
In general, the number and frequency of attacks increased noticeably in the first half of 2020. At the same time, 31% of companies were attacked at least once a day. 50% of survey participants noted that over the past three months they were attacked at least once a week. At the same time, 9% of companies were attacked every hour, and 68% - at least once during this time.
At the same time, 39% of companies faced attacks specifically on video conferencing systems. And this is not surprising. Take Zoom alone. The number of platform users has grown from 10 million to 200 million in a couple of months. And the keen interest of hackers led . The zero-day vulnerability provided an attacker with complete control over a Windows PC. And during a high load on the server, not everyone was able to download the update and not immediately. In particular, this is why we have implemented protection tools for collaboration platforms such as Zoom and Webex in Acronis Cyber Protect. The idea is to automatically check for and install the latest patches in Patch Management mode.
An interesting divergence of answers showed that not all companies continue to control their infrastructure. For example, 69% of remote workers have begun using communication and collaboration tools since the start of the pandemic. But only 63% of IT managers reported implementing such tools. This means that 6% of remote workers use their gray IT systems. And the risk of information leakage in such work is maximum.
Formal Security Measures
Phishing attacks turned out to be the most common for all verticals, which is fully consistent with our previous studies. Meanwhile, malware attacks — at least those that were detected — ranked last in the ranking of dangers according to IT managers, with only 22% of those surveyed.
On the one hand, this is good, because it means that the increase in companies' spending on endpoint protection has yielded results. But at the same time, phishing, which reached its maximum during the pandemic, ranks first among the most pressing threats of 2020. And at the same time, only 2% of companies choose corporate information security solutions with the URL filtering function, while 43% of companies focus on antiviruses.
26% of survey participants indicated that vulnerability assessment and patch management should be key features in their enterprise endpoint security solution. Among other preferences, 19% want built-in backup and recovery capabilities, and 10% want endpoint monitoring and management tools.
The low level of attention to combating phishing is probably due to the implementation of the requirements of certain regulations and recommendations. In many companies, the approach to security remains formal and adapts to the real IT threat landscape only in conjunction with regulatory requirements.
Conclusions
According to the results of the study, security experts noted that despite the expansion of remote work practices, companies today continue to experience security problems due to vulnerable servers (RDP, VPN, Citrix, DNS, etc.), weak authentication techniques and insufficient monitoring, including remote endpoints .
Meanwhile, perimeter protection as an information security method is already a thing of the past, and the #WorkFromHome paradigm will soon turn into #WorkFromAnywhere and become a major security challenge.
By all appearances, the future cyber threat landscape will be determined not by more complex, but by more extensive attacks. Already now, any novice user will be able to access kits for creating malware. And every day there are more and more ready-made “hacker development kits”.
Across industries, employees continue to show low levels of awareness and willingness to follow safety protocols. And in conditions of remote work, this creates additional problems for corporate IT teams, which can only be solved with the use of comprehensive security systems. That is why the system was developed specifically with market requirements in mind and is aimed at comprehensive protection in the absence of a perimeter. The Russian version of the product will be released by Acronis Infozashchita in December 2020.
We will talk about how the employees themselves feel remotely, what problems they face and whether they want to continue working from home, we will tell in the next post. So don't forget to subscribe to our blog!
Source: habr.com