Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Cyber Warriors Sound Warning on Working From Home

Cyber warriors on NATO’s eastern edge are warning that the growing number of people working from home globally due to the pandemic is increasing vulnerability to cyber attacks.

Cyber warriors on NATO’s eastern edge are warning that the growing number of people working from home globally due to the pandemic is increasing vulnerability to cyber attacks.

The Baltic state of Estonia hosts two cyber facilities for the Western military alliance — set up following a series of cyber attacks from neighbour Russia more than a decade ago.

“Large scale use of remote work has attracted spies, thieves and thugs,” Jaak Tarien, head of NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE), told AFP in an interview.

The increased amount of information travelling between institutional servers and home networks is creating new challenges for employers.

“Tackling these new challenges is complicated and requires a lot of resources as well as a different kind of approach,” Tarien said.

“We are likely only scratching the surface in assessing the magnitude of malicious activities taking place in the Covid-era busy cyberspace.”

An EU-wide survey in September found that around a third of employees were working from home.

– Boom in online courses –

Advertisement. Scroll to continue reading.

The concerns are echoed at NATO’s Cyber Range — a heavily-guarded facility protected by barbed wire in the centre of the capital Tallinn run by Estonian defence forces.

The server rooms inside serve as a platform for NATO cyber security exercises and training.

“Specialists have set up the work infrastructure, but they cannot control the way people use their home internet or how secure it is,” said Mihkel Tikk, head of the Estonian defence ministry’s cyber policy department.

Tikk said the latest cyberattacks have targeted Estonia’s health sector and Mobile-ID — the mobile phone based digital ID.

The coronavirus pandemic has also affected operations at the cyber facilities themselves, forcing the cancellation of offline exercises.

But the NATO Cyber Defence Centre said the silver lining is the growing popularity of the cyber security courses it is putting online.

The online courses include “Fighting a Botnet Attack”, “Operational Cyber Threat Intelligence” and “IT Systems Attack and Defence”.

There were 6,411 students by September 1 and the centre is aiming for 10,000 by the end of 2020.

– ‘A massive mistake’ –

The Cyber Defence Centre was set up following a series of cyberattacks of unprecedented sophistication on Estonian websites in 2007.

The Russian pro-Kremlin youth organisation Nashi later claimed responsibility.

These days, Estonia faces a “continuous flow of attacks” and repelling them requires constant work, Defence Minister Juri Luik told AFP.

But he said the country was in “a pretty good situation” since it has had time to learn from past experience.

“We have worked diligently to guarantee that the computer networks are difficult to break in and the communication is encrypted –- both military but also civilian communication.

“So I think it is relatively more difficult to harm Estonia than many other countries who perhaps are not so used to working via cyberspace and haven’t given too much attention to cyber defence,” he said.

The minister underlined that all this work would be for nothing without basic cyber hygiene, including password protection.

“This is extremely important and should be remembered — especially now that many people work from home via computer.

“At home you might let your guard down and that’s of course a massive mistake.”

Related: New Zebrocy Campaign Suggests Russia Continues Attacks on NATO

Related: NATO Chief Calls for New Strategy on Cyber, China

Related: NATO Condemns Cyberattacks Against COVID-19 Responders

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.