Cybercriminals are creatures of opportunity and the COVID-19 crisis worldwide has created ample means, motivation, and methods for taking advantage of the world’s workforce now primarily operating from home instead of the safer confines of enterprise networks.
Related Content: Securing Remote Workers; Fact and Fiction - On-Demand Webcast
Financial institutions were already a target-rich environment for cybercriminals since they offer multiple avenues for profit such as extortion, theft, and fraud. Even before the COVID-19 pandemic, cybersecurity was among the top three concerns for financial
institutions.
The swift and dramatic shift of the workforce to a work-from-home model exacerbates the problem, and community banks working with smaller IT teams can be overburdened with the necessity to be as vigilant as larger banks but with fewer resources.
The FDIC has published resources for financial institutions affected by COVID-19 offering recommendations for how to handle their services and interact with customers during this time. But what about community banks’ need to protect themselves and their customers from cyberattacks?
Three months ago, the vast majority of employees worked from
physical business locations, where many times they were protected by the
valiant efforts of dedicated IT and security staff equipped with perimeter and end-point defenses. Highly monitored networks, DMZs, SIEMs, email filtering, enterprise-level authentication, and the advanced incident correlation could often provide a solid deterrent against many attackers. Now, many financial institutions have had to quickly shift much, if not all, of their workforce to operate remotely from home.
Home networks rarely have advanced protections in place and
more often than not operate with basic firewalls built into home routers with default settings, built-in or inexpensive low coverage anti-virus solutions, and nearly no network monitoring. This
is not ideal for banks inherently required to ensure the safety and security of vast amounts of sensitive data.
It is often the goal of community bank cybersecurity professionals to make defenses as transparent as possible to end-users. Security is in a constant struggle to be effective, but not impact daily operations. In this model, many security tools operated and protected users without employees even knowing. Now that protection is gone in many cases and users who may have worked their entire careers inside the confines of an environment maintained by IT are now bearing the responsibility of being more aware, more vigilant, and more knowledgeable to compensate.
Cybercriminals are well aware of these conditions and are
taking every opportunity to compromise this vast new remote workforce.
There is a multitude of attack vectors readily available to cybercriminals targeting remote workers that are not nearly as accessible when they are on a business network.
Home networks are often protected by very basic firewalls built into ISP routers. These are often configured to be as open as possible to allow ease of access, and typically use default passwords for remote access. Even more tech-savvy people may purchase their own wireless routers or mesh network setups, but typically only complete basic configuration and often do not change default passwords or set advanced security functions.
This means that home routers and networks are very accessible to even moderately skilled cybercriminals.
Phishing attacks have dramatically increased recently and remained one of the most utilized methods for compromising workers and business networks. This is largely due to the fact that emails have the ability to subvert most traditional network security by utilizing unknowing employees to give them access.
Related Reading: New Spear Phishing Attacks Use Fake O365 Link to Gain Access
With fear, anxiety, and misinformation running rampant surrounding the COVID-19 crisis, cybercriminals have a wide array of organizations to impersonate that now carry much more legitimacy than they normally would. Banking has long been a target of spear-phishing attacks. The pandemic has given hackers new material to work with: They can impersonate entities like the CDC, WHO, and local municipalities (to include school systems). People are exponentially more likely to open, read, and click on attachments and links in these circumstances.
Related Reading: How to Protect Workers Against Phishing Attacks During COVID-19
Luckily, the outlook does not have to be bleak. There are a number of things that organizations can do to extend the protections, offered by their business networks, to their remote workforce. There are also a number of solutions that can be utilized that are built with the security of a remote workforce in mind. Most importantly, education and awareness, as always, are the most important tool in ensuring the safety and security of a remote workforce.
Many community banks likely have access to tools to support securing remote work such as virtual private networks (VPNs), identity management, multi-factor authentication (MFA), single sign-on, and cloud-based solutions that can exponentially increase security if properly utilized.
For pointers check out these articles:
Additionally, many banks have access to educational
resources that cover security awareness, especially around phishing and social
engineering. If your organization does
not have access to these resources, many can be found online for free. More comprehensive and dynamic resources can
be purchased such as Learning Management System (LMS) platforms and even better
are Phishing-as-a-Service (PhaaS) platforms that focus heavily on training
employees to recognize phishing attempts.
For the most effective and holistic solution to securing your remote workforce, small community bank IT teams can engage with professional cybersecurity consulting firms to expand their team and add specialized expertise.
Avertium’s teams of experts specialize in securing remote workers, configuring solutions and platforms to securely support remote work, and ensuring your workforce is educated and vigilant in watching for threats. If you do experience a breach, we offer an incident response, disaster recovery, and digital forensics services.
Cybersecurity at scale, without complexity at scale. Reach out to start the conversation to improve your community bank cybersecurity program.
Corey is the primary point of contact and consultant for Avertium's largest enterprise security customers and he directs a team of highly skilled consultants providing a full stack of expertise to security and compliance projects.