Due to the massive shift to working from home and the large number of employees starting to work in a hybrid workplace, cloud-based collaboration and productivity tools have become widespread in many Lithuanian and global companies. Although the hybrid model has been in operation for several years, it has revealed the complexity of protecting the workplace. Experts point out the increased risks associated with the use of devices moving from a personal to a business environment. ESET IT Engineer Lukas Apynis and Heximus IT Project Sales Manager Vidmantas Bak discuss how different cybersecurity protocols, business processes and IT tools have a much greater impact on the security of both home and business networks these days.
In 2021, we heard a lot of news about large-scale hacks into business platforms, such as the infamous SolarWinds Orion attack and other hacking campaigns targeting IT service companies running outdated versions of the IT environment management tool Centreon. For many companies, these events should have helped them understand that cyber threats are increasingly attacking cloud systems, collaboration platforms, their users, and IT administrators who are tasked with keeping it all running smoothly. It was these tools that allowed companies to find additional efficiency opportunities throughout the pandemic.
In 2021, the email threat scene was dominated by phishing and fraudulent messages. Most often, the scams were carried out under the guise of brands of famous companies, such as Microsoft. Such attacks were followed by the logistics company DHL, the electronic signature service DocuSign and the file sharing service WeTransfer.
ESET IT Engineer Lukas Apynis says that few IT administrators, systems security solutions and budget managers were prepared for this scale of risk, with malware targeting entire service platforms — “March 2021 began with exploits of vulnerabilities in the Microsoft Exchange system, where ESET researchers identified more than 10 different threat actions by groups or groups that are likely to have taken advantage of the vulnerability. It has become a holiday for unsecured, internet-centric, servers and caused shock waves throughout the IT industry,” says L. Abynism.
