User Behaviour Risk for Cyber Activity During Pandemic

By : Welly Manurung | Thursday, July 30 2020 - 16:45 IWST

Welly Manurung (MM-Tech - President University)
Welly Manurung (MM-Tech - President University) - As we see on this pandemic what COVID-19 has created is effectively a huge monitoring challenge. Business and Industry need to ensure that remote users are who they say they are, and that their behavior is consistent with what would be expected. This is difficult when users may be logging in not only from company-issued computers or notebooks but also their smartphones, tablets and other connected devices. Usual BYOD (bring your own device) protocols that allow remote access only from one device may need to have been relaxed. In addition, staff are most likely not following their usual work patterns (logging on at circa 8am, logging out at circa 5pm) but may be working in bursts across different hours due to child care and other duties. So, how do monitoring systems spot ‘unusual’ patterns of activity and flag it for further investigation?

The  User remote connection challenge

However, it’s not only customers that industry are having to work hard to protect: there is an increased risk with staff as well. It is perhaps one of the unintended consequences of the mass migration to working from home that fraudsters have been handed a new and very tempting field of play. Employees could be more vulnerable to phishing emails and other scams. The threat is what we call the ‘hostile home network’: in a household, multiple family members could be logging in on the same network and clicking on links and content of many different kinds, potentially exposing devices to malware that could then enter the firm’s enterprise if the right endpoint controls are not in place.

There has also been a huge rise in the use of video conferencing facilities. But some of these have been shown to have sub-optimal security standards, with suspected instances of uninvited parties eavesdropping or even hijacking the conversations. Corporate of course have sophisticated and established connectivity and IT systems and already enable many staff to work remotely when needed. But the huge jump in the number of staff at all levels of the organization needing remote access has created an initial challenge even for them. Some staff may have lacked the hardware or software needed to access the bank’s Virtual Private Network (VPN), leading to IT teams loosening some controls in the short term.

Merchant surveillance interrupted

Another important area is trader surveillance. Regulatory rules require that traders’ calls are recorded and monitored. But traders have been working from home and calls have gone unrecorded. Some e-commerce have begun bringing traders back to the office, but others are still working from home. Regulators have allowed some short-term leeway here, given the importance of keeping liquidity flowing in the marketplace, but it is a situation that can’t go on forever. In the meantime, marketplace are sure to be scrutinizing trades very carefully for signs of anything unusual.  All of these issues only underline the key importance of strong information security, cyber and anti-fraud controls. It is an area that will continue to be a major focus as we move into the post-COVID recovery.

Future directions for Cyber security

Looking forward, we see two key trends arising out of this experience. Firstly, with levels of remote working likely to remain higher than they were pre-COVID-19, corporate may need to ‘reset’ some of their protocols and policies around access management, finding ways to increase flexibility without compromising security. They are also likely to look for more secure video conferencing services.

Secondly, we anticipate an increase in industrial moving parts of their IT operations to public cloud environments. Most of corporate use their own private clouds at present. But in a lockdown and other emergency situations, these can be challenging to maintain. If a security patch needs to be rolled out across a system, for example, private cloud requires a team member be physically on site. But with public cloud, patch management and other security features can automatically run remotely. For this move to happen, public cloud operators will need to meet the very specific and stringent extra security requirements that corporate are likely to have. But we expect the will to be there on both sides to make it work. It may be phased and gradual, but is likely to be a trend over the coming years.

Alongside all the other pressing issues of supporting customers and providing liquidity, cyber security will remain a top priority for business and industry for the future.

News Comment

Today's Industry

Friedhelm Best - Vice President Asia Pacific, HIMA (Photo by HIMA)

Rabu, 05 Agustus 2020 - 21:10 WIB

3 Essential Considerations When Modernizing the Safety System of Industrial Facilities

As countries in Asia start to ease restrictions and more businesses return to operation in the midst of the COVID-19 pandemic, industrial plant operators are strategising a return to normality…

Gil Yankovitch, Firmware Technology Lead and Ram Yonish, Firmware Security Evangelist (former co-founders of Cymplify Security, acquired by Check Point) (Photo by LinkedIn)

Rabu, 05 Agustus 2020 - 21:00 WIB

While IoT security standards lag, IoT security companies innovate – Overview of trends in IoT cyber security

While IoT and OT devices proliferate, IoT security standards and regulations are few and far between. Unsurprisingly, this puts individuals, enterprises and states at major risk.

Ilustration Brand phishing (Photo by Technonlogy For You)

Selasa, 04 Agustus 2020 - 09:15 WIB

Google and Amazon Overtake Apple as Most Imitated Brands for Phishing in Q2 2020

Brand phishing involves the attacker imitating an official website of a known brand by using a similar domain or URL, and usually a web page similar to the original website.

Tommi Makila, Senior Solutions Architect at Synopsys Software Integrity Group (Photo by LinkedIn)

Selasa, 04 Agustus 2020 - 08:20 WIB

Are you following the top 10 software security best practices?

Each and every company’s security needs are unique and ultimately the practices and policies related to such will be unique (or as I like to put it; it’s a journey).

Ardhi Bebi Laksono

Jumat, 31 Juli 2020 - 19:30 WIB

Market Trend E-Comerce in Indonesia

As many as 90 percent of internet users in Indonesia have made purchases of products and services online.