Defining a new domain
by Jon Kuiperij – May 19, 2022
More people are working from home than ever before, and cybercriminals are trying to cash in. According to a Statistics Canada survey, 42% of Canadians experienced at least one type of cyber security incident in the first nine months of the COVID-19 pandemic, and 36% of those Canadians experienced a loss as a result of the incident.
In this Q&A, Nick Johnston of Sheridan’s Honours Bachelor of Information Sciences (Cyber Security) degree discusses the cyber security risks of working from home, what employers and employees can do to minimize them, and how the movement towards remote work is impacting the cyber security industry.
When you’re in your office, you’re connected to your employer’s Wi-Fi or network, which allows them to control communication between all of your devices and the outside world, including email and file sharing. But when you’re working from home, you’re on your own network with other devices in your home, which increases your exposure.
There are other things about working remotely that can make you more vulnerable, like how we tend to be more relaxed when we’re at home. We might not be quite as diligent with security practices such as locking our screens when we leave our desks, or as vigilant about phishing — fraudulent communications designed to trick you into revealing sensitive information. For example, you may be more likely to click on a phishing email about returning to work because we’ve all been so eager for information during the COVID-19 pandemic.
In a typical office, you’re safeguarded by network security features such as firewalls and spam filtering. There’s also virus and malware detection that takes place through the use of an Endpoint Detection and Response (EDR) utility, which identifies things happening on your machine that might impact security.
Even if you’re running an EDR utility on your machine at home, it takes a little longer for that information to make it back to your IT security team. So, if you get hit by something like ransomware that will try to encrypt your files and then demand a ransom for access to them, your IT department might not be able to stop it before it affects the data on your machine.
Every year, Verizon publishes a great report about data breaches. In the last couple of years, it seems that education, health care and government have been the industries most affected by breaches.
Cybercriminals going after government information makes sense, and the targeting of education and health care could be related to budgetary constraints or some of the protected/personal health information (PHI) data that is available. PHI is extremely valuable to cybercriminals for a number of reasons, including blackmail and extortion (they can threaten to leak your conditions or medications), fraud (they can pretend to be you to get medical equipment and prescriptions) or traditional identity theft.
Conversely, cyber security in the manufacturing sector has really made great strides in a short period of time. That could be because of the industry’s long history of examining its processes and looking at structured approaches to improvement.
Email vigilance is a big one, since the most significant vector for attacks tends to be phishing. When you get an email that sounds threatening or a bit too urgent, take a few seconds to think about it. There’s nothing wrong with showing a co-worker and asking, “Hey, does this look right to you?”
It’s also important to have technical discipline, such as not using the same passwords all the time. If a website you use is breached and cybercriminals discover your password, they’re going to try to use that password everywhere else. Using a password manager — an online tool which enables you to store unique passwords for every website without having to worry about remembering them — can help a lot.
Using a VPN (Virtual Private Network) allows you to have a more secure connection with your workplace and any resources you might need.
And don’t do things like turn off anti-virus because you think it speeds up your computer (that’s not a thing anymore) or not allow your computer to do updates. Employers can put the update schedule and the antivirus software and the VPN software on their employees’ laptops, but there’s also accountability on the employee’s part to make sure they are using those things.
Without getting too jargony, there’s a term in cyber security right now called Zero Trust. Traditionally, company networks have been like a castle that is surrounded by a wall or a moat, which is the firewall that forms a perimeter. Everyone inside the castle walls was trusted — a good guy, someone on my team. Now, with so many people working remotely and using so many different resources to do their jobs, the concept of Zero Trust says there is no internal anymore. There is no trusted safety perimeter.
What makes the Zero Trust model a bit trickier or more complicated is that we need more authentication measures to prove people are who they say they are. You may need to type in your password again, or you may get a multifactor authentication prompt. Security will look at what time you’re logging in and what country you’re logging in from so that it can build patterns and baselines, and whenever you deviate from those, the standard will be to ask for more information.
On the whole, however, I’m a bit of an optimist about where cyber security is right now. We’re no longer bombing down dirt roads when we go on the internet. We’re on a controlled highway. That said, there can still be collisions, accidents and treacherous conditions, so we still need to be diligent and vigilant.
This interview was originally published on Nov 30, 2021 under the Take 5: Sheridan Experts Share Insights banner.
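The Zero Trust answer above describes building baselines from login time and country and asking for more proof on deviation. The sketch below is an added example, not part of the interview or any Sheridan system; the sample history, the thresholds and all function names are assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample history: (user, ISO-8601 UTC timestamp, country code).
HISTORY = [
    ("alice", "2022-05-02T13:05:00+00:00", "CA"),
    ("alice", "2022-05-03T12:40:00+00:00", "CA"),
    ("alice", "2022-05-04T14:15:00+00:00", "CA"),
    ("alice", "2022-05-05T23:30:00+00:00", "CA"),
]

MIN_EVENTS = 3      # assumed: fewer logins than this means no usable baseline
HOUR_TOLERANCE = 1  # assumed: hours either side of a seen hour still count as usual


def build_baselines(history):
    """Collect the countries and UTC login hours seen for each user."""
    baselines = defaultdict(lambda: {"countries": set(), "hours": set(), "count": 0})
    for user, ts, country in history:
        b = baselines[user]
        b["countries"].add(country)
        b["hours"].add(datetime.fromisoformat(ts).astimezone(timezone.utc).hour)
        b["count"] += 1
    return dict(baselines)


def hour_is_usual(hour, seen_hours):
    """True if hour is within HOUR_TOLERANCE of a seen hour, wrapping at midnight."""
    return any(min((hour - h) % 24, (h - hour) % 24) <= HOUR_TOLERANCE
               for h in seen_hours)


def evaluate_login(baselines, user, ts, country):
    """Return ("allow" | "step_up", reasons); the password check has already passed."""
    b = baselines.get(user)
    if b is None or b["count"] < MIN_EVENTS:
        return "step_up", ["no baseline yet"]  # unknown users always get the MFA prompt
    reasons = []
    if country not in b["countries"]:
        reasons.append(f"new country {country}")
    hour = datetime.fromisoformat(ts).astimezone(timezone.utc).hour
    if not hour_is_usual(hour, b["hours"]):
        reasons.append(f"unusual hour {hour:02d}:00 UTC")
    return ("step_up" if reasons else "allow"), reasons


BASELINES = build_baselines(HISTORY)
```

A "step_up" result maps to the extra password or multifactor prompt the answer mentions; the returned reasons are what a security team would log alongside the decision.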