Latest Security report, titled: Out of Sight and Out of Mind, a comprehensive global study highlighting how the rise of hybrid work is changing user behaviour and creating new cybersecurity challenges for IT departments, has revealed a new form of cybersecurity targeting hybrid workplace.
The research, HP Wolf Security report, showed that a growing number of users are buying and connecting unsanctioned devices outside of IT’s purview. It also highlighted that threat levels are rising, with attackers increasingly successful at bypassing defenses and tricking users into initiating attacks through phishing. All of this is making IT support more complex, time-consuming, and costly than ever.
The report combines data from a global YouGov online survey of 8,443 office workers, who shifted to Working from Home (WFH) during the pandemic, and a global survey of 1,100 IT decision makers conducted by Toluna.
Key findings of the report include a rise in new shadow IT buying and installing endpoints with security out of mind. According to the report, ‘Shadow IT’ typically refers to non-IT departments deploying software beyond the purview of IT.
It noted that this shadow is now spreading, with individuals procuring and connecting devices without being checked by IT.
“45 per cent of office workers surveyed purchased IT equipment (such as printers and PCs) to support home working in the past year. However, 68 per cent said security wasn’t a major consideration in their purchasing decision, while 43 per cent didn’t have their new laptop or PC checked or installed by IT, and 50 per cent said the same of their new printer,” it added.
The HP Wolf Security report said Phishing is becoming increasingly successful. The report said 74 per cent of IT teams have seen a rise in the number of employees opening malicious phishing links or attachments on emails in the last 12-months.
According to the report, 40 per cent of office workers surveyed aged 18-to-24 have clicked on a malicious email with almost half (49 per cent), saying they have done so more often since working from home. Of office workers that clicked or nearly clicked a link, 70 per cent didn’t report it to IT – 24 per cent didn’t think it was important, 20 per cent cited the “hassle factor”, while 12 per cent had a fear of reprisal or being punished.
The report noted that there has been an increase in devices being compromised and subsequently fuelling growth in rebuild rates. Specifically, 79 per cent of IT teams report shows that rebuild rates increased during the pandemic. Rebuild rates directly correlate to the number of endpoints that require wiping and reimaging because they have been compromised, which implies more attackers are successfully breaching outer defenses.
The report said the real figure could be higher still, stressing that 80 per cent of IT teams worry that employees’ devices might be compromised and they don’t know about it.
Global Head of Security for Personal Systems, HP Inc, Ian Pratt, said: “People often don’t know if they have clicked on something malicious, so the real numbers are likely much higher.
“Threat actors don’t always announce themselves, as playing the ‘long game’ to move laterally and infiltrate higher-value infrastructure has proven to be more lucrative. For example, by using cloud backups to exfiltrate sensitive data in bulk, encrypting data on servers, then demanding a multi-million-dollar ransom.”
Pratt continues: “It shouldn’t be this easy for an attacker to get a foothold — clicking on an email attachment should not come with that level of risk. By isolating and containing the threat you can mitigate any harmful impact, preventing persistence and lateral movement.”
According to the report, with threats rising, it’s becoming more difficult for IT teams to deliver security support. On this, 77 per cent of IT teams said the time it takes to triage a threat has increased in the past year, while an estimated 62 per cent of alerts relating to the endpoint are false positives, leading to wasted time.