Organizations suddenly face newly exposed or vulnerable devices and services, and their employees are using malware-infected networks
There are significant security issues across the rapidly rising number of networks used to work from home, according to BitSight’s study. The study, which analyzed more than 41,000 organizations, found that companies suddenly face newly exposed or vulnerable devices and services, and that their employees are using malware-infected networks.
The research comes on the heels of BitSight’s latest offering, BitSight Work From Home -- Remote Office, which enables organizations to discover and monitor security issues on remote offices and networks, helping users to reduce the risk that their networks and data will be compromised.
To perform this analysis, BitSight leveraged its broad, unique visibility into global security performance along with its industry-leading asset mapping capability to identify work from home and remote office (WFH-RO) networks. The research reveals that the surge in work from home activity has dramatically expanded the cyberattack surface, leaving companies and their data vulnerable. Chief among the findings:
Work From Home Networks 3.5 Times More Likely to Have Malware
Networks used to work from home are 3.5 times more likely to have malware present than the traditional corporate network. 45% of companies had malware on their employees’ work from home networks, whereas only 13.3% of companies had malware on their corporate networks.
Networks used to work from home are 7.5 times more likely to have five or more distinct families of malware present than the traditional corporate network. 17% of companies had at least five distinct malware families observed on their employees’ work from home networks, whereas only 2.3% of companies were observed to have at least five distinct malware families on their corporate networks.
Well-known bot networks -- networks of computers infected with malware -- are more prevalent on work from home networks compared to the corporate network. For example, the Mirai botnet is observed at least 20 times more frequently on work from home networks than corporate networks, while the Trickbot malware is observed at least 3.75 times more frequently on work from home networks as compared to corporate networks.
Home Networks Expose New, Vulnerable Services
The nature of work from home networks offers unique potential exposures and vulnerabilities. Commonly observed exposed devices include: cable modems, routers, cameras, storage peripherals and other IoT devices. Most of these interfaces are inadvertently accessible or infrequently updated by the user, heightening the concern.
For example, the research found that 25.2% of work from home networks have one or more services exposed on the Internet. Of those, 61.2% have an exposed cable modem control interface, an exploitation channel commonly used by Internet-wide attacks.
“Company security risks are rising sharply as a massive workforce suddenly accesses sensitive resources from anywhere,” said Stephen Boyer, chief technology officer at BitSight. “Addressing cyber risk to the remote workforce has become the primary concern for security and risk professionals. Through our latest innovations, BitSight is helping organizations of all sizes tackle this critical priority immediately.”