By Yossi Appleboum, CEO at Sepio Systems

Slowly but surely the world is returning to normal. Well...a "new normal". This new normal consists of a new fashion trend (I can only imagine that the face mask market is booming), limited physical contact, glass screens separating people, staggered work schedules and increased physical distance between staff within the office. Not surprisingly, organizations are focusing on the health-related changes that need to be made which, of course, is essential but should not be the sole focus of their new norm. Cybersecurity has also been seriously impacted by the virus.

COVID-19 caused almost the whole world to come to a standstill. For those of us that did still work, we spent our days working from home - be that actually at home, or in the coffee shops, libraries and other various locations that slowly began to open even when our offices remained shut. Working from home, besides the obvious benefits that it brings, has some major downfalls and I am not just talking about cabin fever. Cybersecurity is seriously forgone when employees work from home. This is often because the devices that are being used for work purposes are also being used for personal purposes.

Imagine using your personal laptop with the same security features as your computer at work. Depending on the organization, that might mean no Netflix - heaven forbid! - no charging your phone through your laptop, no online shopping, no instant messaging and the list goes on. So basically your laptop has no purpose other than for work and who wants that? Bad actors exploit the lack of security and COVID-19 has let them thrive. And, believe me, they are thriving. Since the beginning of the pandemic, instances of cybercrime have increased by 300% in the US alone, according to the FBI, since much of the country's daily activities are now being conducted online.

Furthermore, this sudden switch has meant that new remote workers were not provided with sufficient training regarding cybersecurity and therefore unknowingly allow for attacks to take place. One of the main ways in which attackers are exploiting the increase in remote work is through hardware-based attacks - either through spoofed peripherals or manipulated network implants.

With more devices being used at home, the more peripherals being used as well; be that a keyboard, mouse, charger or USB drive. Employees typically do not think twice about using a keyboard or USB charger, yet this is a naïve outlook since bad actors are increasingly manipulating these peripherals in order to carry out malicious activity such as espionage, data breaches, malware installation, and more; all while the user and the computer are completely oblivious. The user is unaware since the device appears genuine and will carry out the functions that it is expected to. To the computer, the devices are recognized as legitimate HIDs, thus sees them having no cause for concern.

Additionally, working from home means connecting to open, unsecured networks which can also cause a significant risk to cybersecurity. Employees' lack of awareness that open networks present a hardware risk is a serious vulnerability for organizations today. Network implants provide bad actors with unauthorized remote access to the enterprise's network and confidential data. Attacks of this nature occur on the Physical Layer which cybersecurity software solutions do not cover, thereby allowing the attack to take place without being detected.

Since it is now easier for perpetrators to carry out attacks, the return of employees and their potentially compromised devices is something that CISOs need to take very seriously, especially when awareness surrounding this type of attack is very limited. A sufficient policy must be planned and implemented in order to reintegrate these devices in the safest way possible. The ideal solution would be to employ a Rogue Device Mitigation software to ensure that the enterprise is fully equipped to detect the presence of a Rogue Device and block them before any damage is done.

##

About the Author

Yossi Appleboum, CEO, Sepio Systems Inc.

As CEO of Sepio Systems, Inc., Yossi is responsible for North American operations at Sepio. He brings 25 years’ experience in security, networking, and computer science and control systems, along with a wide-angle perspective to cyber security threats and unique security solutions.

In the early 1990s, Yossi joined the technology unit of the Israeli Army Intelligence Corps (Unit 8200). As team leader and chief architect, he focused on design and development of critical infrastructure network monitoring and security systems.

In 1998, Yossi co-founded WebSilicon, a company dedicated to delivering advanced networking and security systems. As VP of research and development, Yossi was involved in the design and implementation of numerous systems for government agencies, integrators and vendors worldwide. In 2007, Yossi became the company’s CTO, responsible for North American business activities. In this role, he worked with key customers to develop next-generation network monitoring and security systems.

In 2013, WebSilicon was acquired by Magal, one of the world’s largest physical security integration companies. After the acquisition, Yossi led the integration of the company into Magal and was instrumental in rebranding WebSilicon as CyberSeal. Yossi served as CTO for cyber security of Senstar, the North American division of Magal, and relocated to the United States to work closely with key customers and partners. As CTO, Yossi was involved in all phases of development of the Tungsten Cyber Security Appliance and the Rubidium Central Monitoring Systems. These solutions converge physical and logical security and introduce a higher echelon of cyber security to the market.