Worried about working-from-home cybersecurity? Company WiFi is just as insecure: report
Cybersecurity has become a key corporate concern as many employees are now working from home, but a new study shows that over half of organisations generally have no visibility over who is using their own WiFi.
The latest Internet of Evil Things survey, based out of the UK, shows that more than two-thirds are also not regularly monitoring for security vulnerabilities on wireless devices.
The survey covered 200 companies, of which just over half said they had no idea of how many devices connected to their network.
In Australia, the ACCC and the federal government’s Cyber Security Centre have reported an increase in COVID-19 attacks and complaints being made. The figures are expected to rise.
In Australia, the most popular attacks have involved credential phishing via emails and text messages which either imitate a government or health authority, offer advice and information on COVID-19 testing or other measures being taken in response to the outbreak, and contain a link or attached document embedded with malware, say Gilbert & Tobin lawyers Natalie Zwar and Rebecca Dunn.
Research firm Gartner is predicting global investment in 5G and wireless infrastructure to reach over $US4bn ($6.5bn) this year, which is expected to make Internet connected devices such as house appliances or even street lights, as well as bring-your-own-device to work policies more ubiquitous.
Yet according to the Internet of Evil Things survey findings, 69 per cent of security professionals don’t test for malicious infections or known vulnerabilities within wireless devices on a weekly basis.
“This lack of visibility into the wireless airspace indicates that there is either a lack of clarity into wireless security threats or a severe oversight by organisations when it comes to their overall wireless security strategies,” it said.
Over half of companies lack pre-existing security controls to examine devices before they join the network, and almost a quarter do not have or are unsure as to whether they have a guest WiFi network for non-employees.
Given the number of vulnerabilities within modern wireless and Bluetooth devices, if organisations continue to take a ‘head in the sand’ approach towards securing wireless networks, they are giving hackers the leverage they require to exploit the wider network infrastructure.