How has COVID-19 changed cybersecurity in Australia?

How has COVID-19 changed cybersecurity in Australia blog

The COVID-19 pandemic has brought changes to Australian businesses that many weren’t prepared for. Public lockdowns have affected demand for products and services, with some businesses temporarily shutting down to cut costs. Social distancing requirements have scattered traditional offices. To make matters worse, it has dramatically altered the cybersecurity needs of Australian businesses.

Shift to remote work security

Before the global health crisis, the average employee had to be in the office to connect to the company’s network using business equipment. Protections like corporate firewalls and intrusion prevention systems were built around these locations to secure the network perimeter. However, COVID-19 has pushed employees to work from home, outside their company’s highly secure network perimeter. This introduced new problems to Australian organisations.

For one, home network configurations are highly inconsistent. Certain employees may have outdated routers, while others may be using routers with factory-default configurations and passwords. These give cybercriminals an opportunity to infiltrate home networks, monitor user activity, and intercept data.

Secondly, enabling remote employees to use personal devices for work presents a huge risk. If those devices aren’t thoroughly protected, cybercriminals can gain unfettered access to company networks and assets.

Cybersecurity strategies must, therefore, be changed to address these problems. Australian businesses need to create policies that urge employees to install company-approved firewalls, reliable VPNs, and the latest firmware updates. Remote workers should change the default ID and passwords of their home networks to prevent unauthorised access.

Meanwhile, securing employee devices requires businesses to use mobile device management (MDM) software such as Microsoft Intune. By doing so, system administrators can monitor employee devices and deny access to those that may pose a risk (e.g., unpatched or jailbroken devices). It’s also the best solution for rolling out company-wide software updates, reminding staff to install antivirus software, and wiping compromised devices if necessary.

Increased focus on identity and access management 

Another massive development in cybersecurity since the spread of COVID-19 is the switch from network perimeter security to identity security. Although this was already a trend long before the pandemic, the exodus from offices highlighted the need to protect user accounts. After all, employees can still access business networks, cloud applications, and data as long as they have the right login credentials.

Rather than protecting a network perimeter, a zero-trust approach to security is crucial to securing remote work environments. This framework assumes that anyone who attempts to enter a company’s systems should not be trusted unless they have the right credentials and access privileges.

Australian companies are enabling zero trust security through multifactor authentication and strict access controls. The former fully verifies user identities by requesting for more than one set of user credentials. These credentials can be a combination of passwords, fingerprint scans and facial ID, or one-time SMS codes. On the other hand, access controls limit what users can access based on their roles within the company. This prevents remote employees from tampering with apps they’re not authorised to use and leak sensitive information.

New scams, same techniques

From the outset, phishing scams targeting Australian businesses have stayed relatively the same. Modern scams try to establish trust with victims by masquerading as legitimate corporations or entities. These scams then create a false sense of urgency, so people don’t think twice about where the message came from. Instead, unwitting victims are tricked into giving up personal information, clicking on suspicious links, or downloading malware-laden attachments.

Cybercriminals still use these tried-and-tested strategies, but the content and the disguises used to deceive people are constantly changing. Recently, there have been more cases of phishing scams that prey on people’s fears of COVID-19. In fact, several scams are impersonating Australian government agencies offering coronavirus testing or relief payments.

The only solution to this is customised security training for remote workers. Companies must teach employees about the latest scams and help them develop a critical eye for unsolicited messages and online content. They can do this through informative training videos, weekly email updates, and monthly webinars. Performing phishing simulations is also going to be crucial for testing security awareness and identifying employees who need extra training.

Breach detection goes to the cloud

Distributed workforces and new working environments in the coronavirus era make detecting security breaches a real challenge. It’s not as simple as it is with traditional office settings, where IT experts manually check company networks for any signs of a breach.

The good news is that managed IT services providers (MSPs) already have solutions available to detect threats in real-time. Cloud-based threat detection tools employ artificial intelligence and advanced analytics to assess distributed networks and company-managed devices. They look for things like unusually high system activity and unexpected software processes, and warn companies of threats quickly. This allows businesses to respond to threats and minimise the damage in a timely fashion.

Sudden changes to cybersecurity can be worrying, but businesses that quickly adapt to them can guarantee their survival. Empower IT is one of Australia’s leading MSPs that provides specialised cybersecurity solutions and services. We offer mobile device management, advanced threat protection tools, security advice, and so much more. Call us today to fortify your defences.