What COVID-19 Means for Network Security


The COVID-19 Pandemic is causing huge social and financial shifts, but so far, its impact on network security has gone under-reported. Yet with thousands of companies worldwide requiring millions of employees to work remotely, network administrators are seeing unprecedented changes in the ways that clients are using their networks and new threats that seek to leverage the current crisis.

VPNs Show Explosive Growth
A quick Google search for "work remotely" gives an indication of one type of company that is going to massively benefit from the massive shift to remote working: VPN providers. Almost every article focused on how to work with remote teams recommends that businesses give all their employees VPNs.

Recent reports suggest that this has already begun. Statistics from VPN provider NordVPN show the US has experienced a 65.93% growth in the use of business VPNs since 11 March, with the biggest gain being in desktop users.

This is both good and bad news for network security. It's great, of course, that users are now encrypting sensitive commercial and personal data. On the other hand, some network engineers are struggling to manage users on systems that make use of IP addresses for authentication.

Changes in Network Usage
Another shift caused by the current pandemic has been an unprecedented spike in voice and video traffic. Verizon has previously reported that voice usage has long been fluctuated due to the popularity of texting, chat, and social media. Voice traffic increased 25%. Their network report shows the primary cause of this is users accessing conference calls, but people are also talking longer on mobile devices, with calls lasting 15% longer.

From a network security perspective, this could be a huge problem. Voice data typically requires high amounts of processing power to encrypt, and so a spike in voice traffic is going to put an extra load on existing encryption systems.

This is already apparent, in fact. With so much voice traffic flooding networks, Ookla says it has started to see a degradation of mobile and fixed-broadband performance worldwide. Comparing the week of 16 March to the week of 9 March, the mean download speed over mobile and fixed broadband decreased in both Canada and the U.S.

Responding to these changes — at least in the short term — is going to require a process of employee management, rather than technical upgrades. Network admins who are seeing huge spikes of voice data on their networks, accompanied by performance issues, should report this to executives who can remind staff that they (hopefully) have many other ways to communicate with each other.

Emerging Threats
Finally, it's becoming increasingly apparent that hackers are taking advantage of the pandemic to spread malware. Security analyst Check Point's Threat Intelligence has reported that since January 2020 there have been over 4,000 coronavirus-related domains registered globally. 3% of these websites were found to be malicious, and an additional 5% are suspicious. Corona-related domains are 50% more likely to be malicious than other domains registered in the same period, and also higher than recent seasonal themes such as Valentine's Day.

These threats come at a very vulnerable time for network administrators. Many staff are working from home, and so the corporate firewalls that can stop employees falling victim to a scam are no longer in place. In addition, the panic caused by the virus means that employees are more likely to be taken in by a seemingly innocent site or email.

Responding to these threats relies, again, on educating staff about the importance of cybersecurity when working from home. They should be taught how to secure their home systems against common forms of cyberattack and should be extremely wary of COVID-19 information that doesn't come from a trusted source.

The Future
At a broader level, these shifts could change the way that networks are planned. Some have noted that the sudden spike in remote working might not automatically disappear once the pandemic is over: instead, many firms will realize the benefits of remote working, not least for their fixed costs, and make this standard in the future.

Because of this, Tom Nolle, president of CIMI Corporation, has argued that the current shutdown "could eventually produce a major uptick for SD-WAN services," particularly for MSPs. This will mean that the short-term changes in network usage caused by Corona might not be so short-term after all. In other words, this crisis might be the new normal.

Source: CircleID