As more people begin to make their way back to the workplace, the National Policing Lead for cyber crime has issued a stark reminder about the vulnerabilities that could have been left behind when the UK was locked down.
Chief Constable Peter Goodman, who heads Derbyshire Constabulary but is also the National Lead for Cyber Crime and for Serious Organised Crime, National Police Chief’s Council (NPCC), has warned employees that malware could well be sitting on their computers waiting for their return.
Addressing the Security Awareness Special Interest Group (SASIG), Chief Constable Peter Goodman, said:
“One of our concerns in the UK is the number of businesses that have been abandoned during the last seven weeks.
“I don’t mean that in an irresponsible way, because people have not been able to go to work, they have not been able to see what is going on in their digital space at work as effectively, because IT specialists have been off, cyber security specialists have been off, whole premises have been closed down.
“We are just a bit concerned about what people might get back to when they do finally get back to work permanently.
“We are preparing ourselves for businesses asking for more from us over the next few months as they do start getting back to some form of normality.
“Because unfortunately some may have locked the front door but have forgotten to close the back door as they left. We do anticipate that there may be some malware sitting on people’s systems as they get back to work.”
It’s a threat that cyber security specialist Redscan are also monitoring.
George Glass, Head of Threat Intelligence at Redscan, said:
“During the Covid-19 pandemic there has been a steady stream of organisations reporting cyber attacks.
“However, this is only likely to be the tip of the iceberg. Many more organisations are certain to have been targeted without their knowledge.
“As employees return to work post-lockdown and connect directly to corporate networks, organisations need to be alert to the possibility that criminals could be lying dormant on employee devices, waiting for the opportunity to move laterally through a network, escalate privileges and deploy ransomware.
“Furthermore, an over-reliance on traditional AV solutions could lead to the latest fileless and polymorphic malware variants being missed.
“These variants don’t have static signatures, meaning that the only way to effectively identify and respond to them is by leveraging a behavioural-based approach to detection as well as containing and disrupting malicious activity as early as possible.”
