A new survey has highlighted the cybersecurity risks remote workers face in the new era of home working, against a constant background of breaches and attacks.
The survey, carried out for cloud provider Doherty Associates, covered 3,000 IT decision makers (ITDMs) and 2,000 general workforce members across companies in private equity, investment, asset management, insurance/underwriting and legal services. It was carried out in December 2020.
In the months since the survey was carried out there have been many high and low profile cyber attacks. Russian state-linked hackers breached SolarWinds network management technology, compromising thousands of companies and government offices. Different nation-state hackers, this time assessed as being Chinese backed, developed methods of entering and taking over on-premises Microsoft Exchange Server kit, allowing the compromise of entire networks. Initially these exploits were used only against specially targeted organisations, but once details became public cybercriminals sought to take over systems en masse, with the idea that later it would be possible to select the most valuable victim organisations from among those hacked.
Data breaches and intrusions can be damaging on many levels, as UK-based retailer FatFace has found in recent months. The Conti cybercriminal gang gained access to its systems in January, managing to steal much of the company’s data and encrypt its files. FatFace was forced to pay a $2m ransom to retrieve its own data, and to confess the data breach to the Information Commissioner’s Office (ICO), the UK data regulator – as it was obliged to do under the General Data Protection Regulation (GDPR), the data rules adopted both by the EU and Brexit Britain. As if this wasn’t enough, the retailer inflicted even more reputational damage on itself by dragging its feet for months before informing customers that their information had been compromised, and unwisely attempting to make them keep the fact of the breach quiet.