As feared, telecommuting or work-from-home arrangement posed network vulnerabilities that hackers exploited. The result of the cybersecurity solutions firm Malwarebytes’ survey reveals 20% of respondents said they faced a security breach as a result of a remote worker.

On top of the loss of revenue, 24% of the affected organizations had to pay “unexpected expenses to address a cybersecurity breach or malware attack following shelter-in-place orders,” according to Malwarebytes’ latest report titled “Enduring from Home: COVID-19’s Impact on Business Security.”

Malwarebytes surveyed more than 200 managers, directors, and C-suite executives in IT and cybersecurity roles at companies across the United States.

Magniber ransomware expands reach to more Asia-Pacific countries

‘Hidden Bee’ miner uses malvertising to lure victims

“Our fundamental shift to working remotely has dramatically underscored the need for comprehensive security, as well as IT guidance and training to avoid breaches,” said Marcin Kleczynski, CEO and co-founder of Malwarebytes. “Many organizations failed to understand the gaps in their cybersecurity plans when transitioning to a remote workforce, experiencing a breach as a result.”

Also, 28% of respondents said they use personal — unsecured — personal devices for work-related activities widening the vulnerability scope that hackers were able to attack. Unfortunately, the survey also saw that 61% of respondents’ organizations failed to urge employees to secure their personal devices with at least anti-virus solutions.

“The use of more, often unauthorized, devices has exposed the critical need for not just a complete, layered security stack, but new policies to address work from home environments. Businesses have never been more at risk and hackers are taking notice,” Kleczynski said.

Corporate assets

On the threat landscape, Malwarebytes observed that cybercriminals have adapted to take advantage of improperly secured corporate VPNs, cloud-based services, and business email — all which could be used for infiltration of corporate assets. A significant number of attacks took advantage of the COVID-19 pandemic in duping unsuspecting employees to open an email and click on links that may have contained malicious software.

These emails contain commercial malware, such as AveMaria and NetWiredRC, which allow for remote desktop access, webcam control, password theft, and more. Malwarebytes data showed that AveMaria saw a bump of 1,219% from January to April 2020, an enormous increase from 2019. According to Malwarebytes telemetry, AveMaria mostly targeted large enterprise businesses. Similarly, NetWiredRC observed a 99% increase in detections from January to June, primarily targeting small- and medium-sized organizations.

Work from home

“We saw a substantial increase in the use of cloud and collaboration tools, paired with concerns about the security of these tools,” said Adam Kujawa, director at Malwarebytes Labs. “This tells us that we need to closely evaluate cybersecurity in relation to these tools, as well as the vulnerabilities of working in dispersed environments, in order to mitigate threats more effectively.”

Despite this, companies appear to have a high level of confidence about the transition to working from home, with roughly three quarters (73.2%) of those surveyed giving their organizations a score of 7 or above on preparedness for the transition to WFH. A majority of companies with less than 700 employees (84.1%) moved more than half of their workforce, but not all (61–80%).

Companies with at least 700 employees opted to move almost all their workforce home (81–100%). In the wake of this shift, 45% of respondents’ organizations did not perform security and online privacy analyses of software tools deemed necessary for WFH collaboration. The survey also saw that 61% of respondents’ organizations provided work-issued devices to employees as needed, 65% of respondents’ organizations did not deploy a new antivirus solution for those same devices.