Private and public-sector cyber leaders last week unleashed a flurry of memos and reports doubling down on protecting critical infrastructure from cyberattacks and attributing the rise in cyber threats and vulnerabilities to remote work and poorly secured cloud-based technologies.
SolarWinds, the IT management software company at the epicenter of the software supply chain hack that roiled the cyber world in December 2020, released a new report revealing a sharp increase in cyber vulnerabilities at public-sector organizations during the pandemic. SolarWinds believes remote work and a dip in “cyber awareness” as IT employees begin to burn out after a “crisis” year are the primary reasons for the increase.
The Cybersecurity and Infrastructure Security Agency (CISA) also released a joint cybersecurity advisory with the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC) and the Federal Bureau of Investigation (FBI) highlighting remote work, VPNs and cloud-based technologies as the top targets for cyber criminals and malicious nation-state actors in 2020.
In 2021, “perimeter-type devices” on the network edge are the new hot targets. That includes cell phones, laptops and any devices connected to an organization’s cloud-based network.
The White House then issued a memo announcing an Industrial Control Systems Cybersecurity Initiative headed by the Department of Homeland Security to ensure and enhance critical infrastructure resiliency against cyberattacks.
The news comes as ransomware attacks pummel federal agencies and critical infrastructure sectors, such as water and energy, after many of these organizations shifted to remote work due to the COVID-19 pandemic.
According to SolarWinds and CISA, this shift to remote work spawned a wealth of opportunities for cyber criminals and nation-state actors to exploit remote employees’ lack of cyber awareness or lack of adequate cyber resources in a remote environment.
SolarWinds believes now is the time for public-sector organizations to refine and enforce aggressive cybersecurity strategies before “cyber complacency” takes hold.
“Although the shift to remote work was cited as a leading factor in heightened risk exposure for businesses over the past year, many tech pros (professionals) have reached the point where they’re confident with remote-work policies — but this moment in time represents a critical inflection point for organizations, as hubris can sink into widespread security apathy and complacency,” according to the SolarWinds report.
Despite the grim warning about the cyber dangers of remote work, 59% of respondents to SolarWinds’ survey “are confident or extremely confident their IT organizations will continue to invest in risk management/mitigation technologies over the next three years,” and 81% agree or strongly agree their IT organizations are “prepared to manage, mitigate and resolve risk factor-related issues due to the policies and/or procedures they already have in place.”
Tech professionals at public-sector organizations listed investments in security, network infrastructure and cloud computing as their top three strategies for mitigating cyber risk, according to the report, but only 31% of survey respondents believe their tech leaders are “prepared to mitigate and manage risk.”
“When it comes to risk management and mitigation, prioritizing intentional investments in technology solutions that meet business needs is critical,” said Sudhakar Ramakrishna, president and CEO of SolarWinds, in the press release. “More than ever before, tech pros must partner closely with business leaders to ensure they have the resources and headcount necessary to proactively address security risks. And more importantly, tech pros should constantly assess their risk management, mitigation and protocols to avoid falling into complacency and being ‘blind’ to risk.”
CISA amplified the importance of cyber hygiene in its advisory and encouraged private and public organizations to routinely share information with CISA regarding cyber incidents and vulnerabilities. The agency also said consistent software patching is one of the most important things an organization can do to avoid breaches.
“Organizations that apply the best practices of cybersecurity, such as patching, can reduce their risk to cyber actors exploiting known vulnerabilities in their networks,” said Eric Goldstein, executive assistant director for cybersecurity at CISA, according to the press release.