Working from home amid Covid-19 pandemic blamed for rise in cyber hits on Singapore organisations

Eight in 10 public- and private-sector organisations in Singapore working from home has led to a rise in cyber attacks across the board. ST PHOTO: CHONG JUN LIANG

SINGAPORE - While working from home has become the norm for many people amid the Covid-19 pandemic, it might have also caused many organisations in Singapore to fall victim to cyber attacks.

About eight in 10 public- and private-sector organisations here attributed such a working arrangement to a rise in cyber attacks across the board, said a report by software company VMware on June 4.

This is comparable with the global figure across 14 markets.

Nearly seven in 10 here said the attacks were serious enough to report to regulators or to call in an incident response team. Globally, this is higher - at eight in 10.

"Digital transformation programmes advanced rapidly as the cyber-attack surface expanded to include living rooms, kitchens, home networks and personal devices," explained principal cyber-security strategist Rick McElroy of VMware's security business unit.

Mr McElroy added that while remote employees' work laptops are usually well secured, home Wi-Fi networks used to go online can pose serious security risks.

"Updates to home router software are often overlooked, and many home networks do not have a firewall installed. These unsecured and unpatched networks can result in network security gaps," he said, pointing also to issues with the use of other Internet-connected devices on home networks for work.

The remote workforce behaves very differently from the office workforce - its members access the organisation's network at unpredictable hours as they strive to stay productive while caring for their families and following government restrictions.

This means network traffic has "changed beyond recognition", and organisations must adapt monitoring systems or risk leaving an opportunity for hackers to use atypical patterns to mask their infiltration attempts, Mr McElroy said.

What is key is that companies need to understand how people interact with technology, he said. This can include when an employee usually works, the applications he normally uses and the websites he commonly visits.

So for example, when an employee who usually works in California logs in 10 minutes later from Singapore, which is humanly impossible, the company knows something is amiss.

"Knowing this baseline helps better detect a malicious log-in," said Mr McElroy.

The VMware-commissioned study polled about 250 chief information officers, chief technology officers and chief information security officers here last December.

They came from the financial, healthcare, government, retail, manufacturing and engineering, food and beverage, utilities, professional services, and media and entertainment sectors.

The study found that organisations here reported more cyber attacks in the previous 12 months, with 64 per cent saying so.

About a year ago, the figure was 43 per cent.

More organisations globally saw more cyber attacks than those in Singapore in this year's report, with 76 per cent reporting this.

However, the Republic had more breaches on average per organisation - 3.3 versus 2.35 globally.

The leading cause of breaches reported here was a weakness in processes, with 22 per cent of respondents citing this. One example is companies not deploying patches on a regular basis.

The next top causes of breaches were using out-of-date security (20 per cent) and third-party apps (13 per cent).

Outdated security includes operating systems that are no longer supported by their developers, such as those found in manufacturing systems.

Some cases involved an old critical application that is not updated because doing so might mean taking vital systems offline.

These legacy systems and old apps could remain unpatched for vulnerabilities, and using modern security solutions to protect them is difficult at times.

Third-party apps that can lead to breaches include externally developed ones used for sharing files, which can allow crooks to access sensitive data if hacked.

These top causes of attacks generally boil down to how organisations' information technology and security operations teams interact and work in silos when solving issues, said Mr McElroy.

To address some of these issues, he advised organisations to have security in place "wherever and whenever humans interact with systems", including online programs and applications.

Join ST's Telegram channel and get the latest breaking news delivered to you.