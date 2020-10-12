As telework prolongs, organizations may delay key updates, which exposes them to attacks, F-Secure’s Chief Security Officer Erka Koivunen thinks.

In March Finnish working life faltered when thousands of employees moved their workbooks from the office to the home sofa for the first time. Teleworking was trampled on in many places suddenly and pretty much empty.

There are risks involved, F-Secure’s Chief Security Officer Erka Koivunen says. According to him, many of the changes to the network infrastructure that enable teleworking were made without compromising data security and straightening bends.

“The changes have been made with the immediate goal of making the services work, not so much to be maintained or secure. There has been an idea that pace corrects mistakes, and you can later go back to building the systems in order, ”he formulates.

“I argue that one, if not another, organization is still unresolved.”

Koivunen is now calling for network monitoring and for companies to check whether they have rushed to open up unnecessarily wide access to the company’s network services for employees.

Emergency solutions have also been visible to the Cyber ​​Security Center. Security Specialist Aino-Maria Väyrynen says that in March, the number of unprotected devices in Finnish networks increased by a quarter from the beginning of the year. By this he means, for example, that the file-sharing service, which is typically used on a secure intranet in an office, has now appeared on the public Internet. This exposes both devices and users to abuse.

Väyrynen urges organizations to ensure that they know what part of their network traffic passes through an encrypted VPN connection and what is in an open network.

Ills may increase as telework continues. Koivunen thinks that the next challenge is to upgrade computers and phones, which is central to information security. In many organizations, updates have previously been handled on intranets or physically in the workplace.

“Now that we are in Rymättylä or on the other side of the world, there is no micro-support to help.”

Complicating matters is the fact that a failed update can, in the worst case, render the tool unusable.

“For some organizations, this has led them to be reluctant to make changes, ie to install software updates, when they are afraid to die of violating its environment,” Koivunen describes.

“Such traces will certainly begin to appear now, after more than six months of living in a state of emergency.”

According to Koivunen, the problems are repeated in international companies, where it is difficult and expensive to transport equipment safely from one employee to another. In addition, a plane on its way may still be stuck in customs warehouses for months.

Koivunen emphasizes, however, that the coronavirus is first and foremost a disease – and therefore a threat to staff illness.

“I would like to remind companies that Korona is not, in principle, a cyber threat or an IT problem,” he points out.

“If a significant portion of the workforce falls ill, completely different types of business continuity threats begin to emerge. If so far no explanation has been made in the organization as to whether some business processes or systems depend on only one person, then now it is time to start thinking about whether they are properly documented and whether the deputies have been trained. ”

Cyber ​​Security Center Väyrynen says that attacks on VPNs have increased this year. However, the growth was already visible from the beginning of the year before teleworking, ie the connection to the changes caused by the corona pandemic is not clear. In addition, the increased use of VPN connections may also have increased the interest of security researchers in investigating them, resulting in more attacks being found.

Data fishing companies are also growing, albeit even over a longer period of time than the corona. According to Väyrynen, efforts have been made to capture people’s personal data, among other things, in order to enable theft, in addition to which the Cyber ​​Security Center has become aware of blackmail attempts against both organizations and individuals.