Following the pandemic, as more organizations opt for flexible work arrangements, we looked into the particular cyber threats that workers working from the home face.
There was a substantial reduction in traffic going through our URL Filtering service in early 2020 when workers began transitioning to working from home, coincident with a big surge in the number of unique phishing pages every week. This indicates that, at the height of remote work, when just a small fraction of end-user traffic was secured by corporate firewalls, cybercriminals were launching more phishing assaults than ever before.
Trends in Firewall Traffic
Starting in September 2019, we’ll look at patterns in URL Filtering traffic from before the epidemic. A sudden and severe reduction in traffic was seen between March and April 2020, just as COVID was beginning to spread across the United States, causing companies to migrate to remote employment.
Investigations into the differences in customer traffic between on-prem Next-Generation Firewalls and Prisma Access, our cloud-based security product. From March to April 2020, weekly traffic from our on-premise firewalls decreased considerably — by roughly 45 percent. Prisma Access, on the other hand, had a 200 percent spike in weekly traffic when workers began working remotely. (Holiday breaks cause the drops in December 2020 and December 2021.)
Because the hybrid work model is likely to persist post-pandemic (according to The Work Trend Index, a report released by Microsoft, more than 70% of personnel across a range of industries want versatile remote work alternatives to continue), organizations must rethink how to defend their workforces progressing forward, which begins with making cybersecurity an essential part of their hybrid and/or remunerated work models.
Trends in Phishing
An initial upward trend in the latest phishing URLs beginning in February 2020 and cresting in June 2020 was observed. It showed that the highest number of new phishing pages was observed as the URL Filtering traffic was at its lowest (May-June 2020). This implies that the increasing rate of remote work at the time coincided with an increased rate of phishing attempts.
The amount of traffic from phishing pages was even more than 2.4 times higher in Prisma Access traffic than in on-premises firewall traffic. While the underlying causes are unknown, one probable hypothesis is that personnel may be less vigilant about phishing websites when operating outside of the office. If this is the case, it is even more critical that workers who work online have access to proper internet security, such as URL Filtering, to protect them from online risks like phishing attempts and other harmful URLs.
Final Notes
Threat actors raised the frequency of phishing attempts at the same time that the number of workers working from home grew. Employers must ensure that workers remote workers have the same access to sufficient cyberthreat coverage as personnel working in the office if they wish to retain a secured workforce in this new hybrid/remote workplace.
Palo Alto Networks’ remote-work products, which include cloud-delivered security services like URL Filtering and Threat Prevention, can safeguard personnel against the newest phishing as well as malware assaults whether they work from the office or online.