Get All Access for $5/mo

Entrepreneurs Beware: Remote Work Can be Fertile Ground for Cybercriminals Remote work is a double-edged sword providing a lifeline to businesses. However, it also opens them up to potential attacks from hackers.

By Michael Jurgen Garbade Edited by Jason Fell

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur Europe, an international franchise of Entrepreneur Media.

Thana Prasongsin | Getty Images

When the coronavirus wave took over the world and governments imposed lockdown and stay-at-home rules, entrepreneurs wondered how they were going to keep afloat. Everyone was trying to make sense of what was happening. Big tech companies took the lead when they permitted some of their employees to work remotely. Other businesses had no choice but to test this model of working. It was not a matter of choice. It was a necessity. The mantra was to save lives and businesses.

Somewhere in the shadows, I bet hackers were smiling. Christmas had come early for them. And we were only in the first quarter of the year. From my experience, I knew that the "cyber-crime business" was going to score big. Businesses were opening themselves to potential attacks. They still are.

Across the Atlantic, for example, more than half of the American workforce is working from home. This presents a huge opportunity for hackers to hit the jackpot. A recent IBM survey shows that the odds are stacked in favor of cyber-criminals. Eighty-three percent of employees pushed to work-from-home were not provided with a remote work model before the pandemic. More than 50 percent of the respondents said they were not updated on new security policies on how to securely work remotely. More than half are using their own devices and 61 percent pointed out that they have not been equipped with proper tools to secure those devices.

Weak links in the chain.

As an entrepreneur, I know that my fight is not just keeping my business going. But also keeping it secure. Any organization is as strong as its weakest link. Which could be remote workers.

On July 11, Caasha, a U.K.-based crypto-friendly bank, lost 336 bitcoins (BTC) worth $3.1 million at the time in a hack. Caasha founder and CEO Kumar Gaurav told Cointelegraph that hackers exploited the personal computer of an employee. Criminals gained access to the company's funds through an employee who used a private device. One can argue that this was an inside job. But it could have been prevented had the employee used the designated company computer. Hackers used several techniques such as phishing and viruses in the breach, according to Gaurav.

Social media giant Twitter was embarrassed by a coordinated social engineering attack in which hackers colluded with employees to gain internal controls. The perpetrators hijacked high-profile accounts and used them to engage in a bitcoin scam that netted $120,000 in bitcoins. Employees may have handed over information that enabled hackers to breach security protocols. This hack shows how internal employees can be a threat to a company. Remote workers have a higher risk of giving away the company's security information, whether voluntarily or otherwise.

Another similar kind of attack involves the impersonation of tools and brands used for online work. Cybercriminals have been targeting Google-branded tools and domains to engineer attacks. Domains such as drive.google.com were targeted by criminals to try and trick remote workers into sharing login credentials. Sites such as onedrive.live.com were also used by criminals in attacking remote workers.

Face-to-face meetings are gone, or at least, kept to a minimum. Digital tools are used for communication, holding meetings, and tracking productivity. They are at the center of remote working. However, they also pose a security threat that criminals can exploit. The cybersecurity firm TrendMicro uncovered a campaign where cybercriminals tricked users into installing RevCode WebMonitor RAT, a software program that remotely controls computers. Users downloaded Zoom software infected with the malicious code. Users unknowingly installed both Zoom and the remote access tool. The attackers got a back door to monitor all the activities of their victims. For companies, this means that hackers can easily have access to your passwords and sensitive information.

Entrepreneurs need to prioritize security.

There is a need for entrepreneurs and businesses of all sizes to take security seriously. It all starts with companies taking the initiative of teaching their employees to observe security protocols put in place. We all know that prevention is better than a cure.

Businesses should have cybersecurity experts to teach employees how to safeguard company data. The security teams can also check regularly to see if the company data and systems are not compromised. With a lot of incoming and outgoing emails, remote workers need to avoid phishing emails. Another issue to take note of is the management of incoming and outgoing employees. When an employee leaves your company, change their login details so that they don't have access to your systems. They might give the login credentials to nefarious people who will harm your business. Or the former employees may hurt your company by stealing your information.

The security of your business matters. Know the risks and take the necessary steps to mitigate them.

Michael Jurgen Garbade

CEO of Education Ecosystem

Michael J. Garbade is the co-founder and CEO of Education Ecosystem. He is a serial tech entrepreneur who formerly worked at Amazon, General Electric, Rebate Networks, Photobucket and Unicredit Group. Garbade has experience working in the U.S., Europe, Asia and South America
Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Business News

These Companies Offer the Best Work-Life Balance, According to Employees

The ranking is based on Glassdoor ratings and reviews.

Science & Technology

Use This Framework to Successfully Integrate AI Into Your Business Operations

Here's how to ensure both innovation and compliance when using AI in your organization.

Business News

Here's What the CPI Report Means for Your Wallet, According to JPMorgan and EY Experts

Most experts agree that there will be another rate cut next week.

Growing a Business

Why Business Owners Should Streamline Their Operations Now for Success in 2025

As the holiday season and year-end approach, business owners face heightened operational demands, from inventory management to spend control. By streamlining these processes and partnering with flexible suppliers, businesses can maintain efficiency, meet customer needs and focus on growth while navigating this busy period.

Growing a Business

5 Effective Strategies to Boost Your Business's Online Presence

Boosting your online presence in 2025 is the key to success for businesses looking to grow. Working on your branding and reputation management is important to drive more sales and improve conversion.