Going hybrid may actually open up your business to more threats

worker
(Image credit: Shutterstock / fizkes)

Going hybrid may actually open up your business to more threats, a new report from HP Wolf Security has found. Its latest global report, “Out of sight & out of mind”, says businesses who deployed a hybrid working model risk having more Shadow IT connecting to their corporate network. With many unsanctioned endpoint devices and tools, and limited visibility, the risk of getting compromised grows. 

Surveying almost 8,500 hybrid-working employees, as well as 1,100 IT decision-makers, the report found almost half of office workers (45%) purchased IT equipment to support home working in the past year. 

Of that number, roughly half didn’t have the devices checked or installed by IT. What’s more, the majority wasn’t thinking of cybersecurity when making their purchasing decision, it was said. 

Phishing threat

At the same time, cybercriminals are getting better at phishing. Employees are clicking on more shady links and downloading suspicious attachments carrying possible malware this year than they did last year, IT pros confirmed, while many remote workers admitted to doing so more often since they started working remotely. To make matters worse, most office workers that click a link or download an attachment, 70% don’t report it to IT. 

They either didn’t want to bother IT, or were afraid of being punished for it. 

Rebuild rates rising

Another metric that suggests cybercriminals are getting better is the rebuild rate - the number of endpoints that require wiping and reimaging due to being compromised. According to the report, four in five (79%) IT teams reported rebuild rates increasing during the pandemic. This number could be even higher, considering the fact that many employees don’t even know they’d been compromised.

"People often don't know if they have clicked on something malicious, so the real numbers are likely much higher," comments Ian Pratt, Global Head of Security for Personal Systems, HP Inc. 

"Threat actors don't always announce themselves, as playing the 'long game' to move laterally and infiltrate higher-value infrastructure has proven to be more lucrative. For example, by using cloud backups to exfiltrate sensitive data in bulk, encrypting data on servers, then demanding a multi-million-dollar ransom.”

Pratt continues: "It shouldn't be this easy for an attacker to get a foothold - clicking on an email attachment should not come with that level of risk. By isolating and containing the threat you can mitigate any harmful impact, preventing persistence and lateral movement."

The rising number of threats also means IT teams need to put in extra effort to deliver support - something that can’t always be easy to achieve. Most IT teams said the time to triage a threat increased in the past 12 months, with two-thirds of alerts being time-wasting false positives. 

You can also stay safe with the best identity theft protection around

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.