Lapses in security is due to lack of basic 'cyber hygiene'.
The switch to remote working has seen a spike in cybersecurity incidence by 10 times, with lapses in security mainly due to basic “cyber hygiene” issues such as misconfiguration of VPN and firewall, and outdated software, according to a report by PwC.
Cyber hygiene refers to practices undertaken by computer system administrators and users to improve online security.
“From over 300 techniques documented by PwC’s cyber team, we’ve learnt that the recurring patterns of these attacks include both front door break-ins like leaked credentials or exposed ports, and lack of internal monitoring like remote access and data sharing,” PwC Hong Kong cybersecurity and privacy partner Kok Tin Gan said.
PwC Hong Kong responded to over 30 cases of active breach or network intrusion in 2020 alone. The work involved an end-to-end incident response cycle, from containment and threat hunting to post-incident security uplift.
Hackers have deployed both evolving and recurring tactics to attack organisations, including ransomware incidents, more manual hacking techniques, and business email compromise.
Do you know more about this story? Contact us anonymously through this link.