sb-au logo
Story image

COVID-19: How analysis of IoT devices highlights our changing behaviour

07 May 2020

The behaviour of consumers and enterprises alike has changed drastically and in many ways in the wake of the COVID-19 pandemic – and through analysis of connected devices, including Internet of Things (IoT) devices, rich insight can be gleaned into changing the way we interact with our devices.

ExtraHop has today issued a report detailing such changes, with warnings that connected devices, both those used by employees at home and those left idle but connected to the office network, can pose serious security risks to enterprises.

Using aggregate data from across its global user base, ExtraHop analysed business-related device activity during a one week period at the end of March 2020, which was compared to activity from a similar study of the same global user base conducted in November last year. 

The results reveal not only patterns that illuminate the state of work during the COVID-19 crisis, but also the long-term security implications of a distributed workforce.

Key findings

Unsurprisingly, there was a 65% decline in the number of laptops and a nearly 70% decline in the number of smartphones connecting directly to corporate networks in March 2020. 

However, employees are still accessing corporate resources, often relying on questionably secure local networks that lack the safeguards of the office network and thus are more exposed to malware.

The report also revealed that the number of connected IP phones declined by just 7.5%, indicating that many of these devices remain on and connected even when no one is using them. 

Almost 25% of those VoIP devices are Cisco IP phones, for which a critical vulnerability (CVE-2020-3161) was announced in April.

Printers – at high risk for vulnerabilities and one of the most common targets of hackers – showed even smaller declines in connectivity, dropping by just 0.53%.

Organisations seem to be taking more precautions than before against physical intrusion, with the report revealing connections from security cameras increased by 47% in March.

Security cameras, like IP phones and printers, often have vulnerabilities and have been observed phoning data home.

“The almost overnight shift to remote work required a massive effort just to ensure the availability of applications and critical resources for employees outside the office,” says ExtraHop vice president, cloud and security solutions Sri Sundaralingam. 

“For many organisations, the management of IoT and other connected devices may have been an afterthought, or at least something they didn’t anticipate having to handle long term. 

“As availability and security issues surrounding remote access become more settled, this needs to be an area of focus.”

Story image
Users pay with personal data - Kaspersky on WhatsApp move to share data with Facebook
"Nothing is truly free, and, unfortunately, the current business model for free services means that, essentially, we pay with our data."More
Story image
As digital transformation grows in A/NZ companies, misconceptions about their role in cloud security abound
While an 81% majority of A/NZ organisations are accelerating their digital transformation, a giant 99% of surveyed respondents say they believe their cloud security provider provides enough protection, according to a Trend Micro study. More
Story image
Sophos Rapid Response puts out the ransomware fire
“Attackers are using a range of techniques and whichever defence has a weakness is how they get in. When one technique fails they move on to the next, until they find a weak spot."More
Story image
Legacy security architectures threaten to disrupt remote workforce
Network security is of prime concern amongst IT leaders, as most companies continue with work-from-home policies.More
Story image
Microsoft top targeted brand by cyber criminals in Q4 2020
In Q4, 43% of all brand phishing attempts related to Microsoft (up from 19% in Q3), as threat actors continued to try to capitalise on people working remotely during the COVID-19 pandemic’s second wave. More
Story image
How Bitcoin could impact the cyber-threat landscape
Bitcoin's escalating valuation has made some criminal organisations and malicious individuals very wealthy. The impact of this growth in wealth may have a severe impact on the future threat landscape.More