We are in the midst of a dramatic global cultural change due to the COVID-19 pandemic. Online education and remote work environments that were once flexible options are now becoming the new normal — and demand is only increasing. Due to social distancing imperatives to combat the virus, schools across the country have sent students home to be educated remotely, and administrators, educators, and staff must now quickly collaborate to deliver all curriculum online.
CIOs must support this expanding virtual education world to meet the massive surge in demand. And CSOs must secure the environments for increased virtual education and for remote workers at home, ensuring that all endpoints and cloud workloads are available and secure.
Cybersecurity adversaries are keenly aware of these challenges — and the opportunities they present for attack. CrowdStrike Intelligence has observed adversaries using phishing campaigns with lures claiming to provide information about health guidelines, virus containment, infection rates, or other COVID-19-related news, and we assess with high confidence that this trend will continue.
In addition to these phishing lures, adversaries are also taking advantage of the increase in employees working from home by using lures that spoof a company’s internal guidance and procedures, human resources, and IT department.
Companies and educational institutions now face complicated, unexpected business and security challenges, including the need to support a large number of remote workers, protect current and new (often employee-owned) endpoints, and remotely provide IT support and incident response. The scale of remote access solutions must also expand so that remote workers can access critical company applications and data that have typically been accessed on business enterprise networks guarded by a firewall.
Traditional on-premises support teams and infrastructure teams were not designed for this sudden surge in remote work. Issues we are now seeing include:
- Lack of visibility and security for the surge in remote endpoints (mobile/laptops/desktops) and new data center/cloud workloads (servers/virtual)
- Lack of remote incident response for remote workers, data centers and cloud computing
- Lack of remote IT support for troubleshooting and patching
- Lack of trained cybersecurity and IT staff who are ready for remote delivery
- Lack of established workflows and processes for working, supporting and collaborating remotely