Twenty percent of companies experienced a data breach caused by remote workers, according to a new study by the cybersecurity firm Malwarebytes.
Businesses are increasingly exposed to significant cyber risks ever since the shift from working in the office to working from home. This inevitably leads to more data breaches. Malwarebytes questioned 200 IT decision-makers and found out that 20 percent of the companies fell victim to a data breach because of the actions of a remote worker. This breach results in higher costs for these companies, with 24 percent of the businesses reporting unexpected expenses.
According to the research, the use of personal devices for work is one of the main reasons why remote workers cause more problems. However, this is also the fault of the companies themselves, as 61 percent of them do not require their employees to require additional security on their personal devices, like for example antivirus solutions.
Malwarebytes claims that cybercriminals mainly attack poorly secured corporate VPNs, cloud services and email accounts. In the latter case, they often resort to phishing emails with an emphasis on corona-related news, causing people to fall for these emails more often. These emails are used to install various types of malware, such as AveMaria and NetWiredRC, on the victim’s device. This gives them access to the device, webcam and more.
According to Malwarebytes, the use of AveMaria malware has increased by 1219 percent since the beginning of the pandemic and is mainly targeted at employees of large enterprises. Use of NetWiredRC increased 99 percent in the first six months of the year.