Table of Contents
Why cyber security risk of remote working is no friend to business organizations ................. 2
1.1 Background .......................................................................................................................... 2
1.2 Problem statement ................................................................................................................ 3
1.3 Aims ..................................................................................................................................... 3
1.4 Objectives ............................................................................................................................ 3
1.5 Scope of study ...................................................................................................................... 4
1.6 Project Budget ...................................................................................................................... 4
1.7 Project Schedule................................................................................................................... 5
1.8 Research questions ............................................................................................................... 6
2.0 Literature review .................................................................................................................. 6
2.1 Introduction .......................................................................................................................... 6
2.2 Case study ............................................................................................................................ 7
2.2 Impact of ransomware attacks on remote working organizations ..................................... 10
2.3 Measures taken to prevent ransomware attacks ................................................................. 11
2.4 Problems with the existing measures ................................................................................. 11
3.0 Chapter 3 ............................................................................................................................ 13
3.1 Data needed to be collected in relation to ransomware attacks in remote working ........... 13
3.2 How the data will be collected ........................................................................................... 13
3.3 The sample size and the method of the research................................................................ 13
3.4 Questionnaire ................................................................................................................... 13
3.5 Analysis of the results from the questionnaires ................................................................. 16
4.0 Chapter 4 ............................................................................................................................ 18
4.1 Research findings ............................................................................................................... 18
4.2 Research limitations ........................................................................................................... 18
4.3 Conclusion and recommendation ....................................................................................... 19
References ................................................................................................................................ 21
Learning outcome 4 (performance review).............................................................................. 22
,Why cyber security risk of remote working is no friend to business organizations
1.1 Background
According to (Furnell, 2020) remote working is by no means a new concept. However, it is no
context in which security has been given the priority it requires. Examining the situation back
in 2006 revealed some drawbacks in terms of user awareness and safeguard in remote working.
The question is whether a decade later things concerning the situation which has forced work
to be done remotely. An example is on 16 March, a week before lockdown, UK had only 15%
of employees working remotely. However, the figures rose to 38% by 13 April. This shows
how remote working has been embraced by many workforces.
(Bernardi Pranggono, 2020) suggests that the rise of teleworking in the pandemic situation has
become an open invitation for scammers using cyber security threats such as phishing to attack
victims such as government, tax authorities and even private business firms. A report from the
World Economic Forum (WEF) highlights phishing and hacking as the new norm after the
virus attacks have been reduced. These scams are even more effective during the pandemic. As
cyber criminals are more aware of this, it is much easier for them to create fake messages or
website to replicate the familiar authorities, this has become a global concern due to the state
of handling such situation is vulnerable.
Many businesses make mistake of not addressing the security measures and solution to prevent
employees making a mistake that would lead to a possibility of a cyber-attack. Experts also
agree careless employees, consultants, vendors, and other stakeholders can be a danger to the
organization’s cyber security as the hackers from the outside. 90% of successful hack attacks
are due to human error especially from the employer’s mistake. Therefore, Employees must
learn routine security practices while remote working.
In conclusion, these means that organizations that do not have the infrastructure or policies to
protects them against cyber-attacks must be more prepared than ever. To avoid these attacks
when working remotely organization should, protect business data, secure remote networks,
empower employees and plan on dealing with an attack situation.
, 1.2 Problem statement
Although two-step password verification and VPNs have been implemented by many
businesses working from home, many minor threat protection steps are not taken seriously as
they would have been taken in a workplace. Teleworkers are sending suspicious emails,
attachments or even invitation links to the IT department claiming to send reports. (Borkovich,
2020). Malware attacks, especially ransomware, has increased during the remote working
period.
This shows that Human error is the primary threat when it comes to boosting the chance of a
cyber-attack. According to (Malecki, 2020) cyber criminals are exploiting the situation of
remote working and launching ransomware attacks on unprotected or unprepared business
organization. According to the source, From February to April 2020, malware-attacks,
especially ransomware attacks have increased by 283%. The bigger risk of this is that
ransomware can encrypt even back-ups.
To overcome this, companies are now testing their back-up systems regularly. Unfortunately,
as shown in StorageCraft’s research (Malecki, 2020), shows that 68% of organization believe
that they have effective measures to recover against ransomware attacks. However, only 46%
or less of the organization test their systems once a year. While having backups is important,
having to be able to recover all the data is critical for the business.
1.3 Aims
The aim of the research is to explore potential risks of malware particularly ransomware attacks
faced while working remotely. This will help with appropriate solution to solve the current
issue or how to improve the current measures taken by the organization to counter the problems.
1.4 Objectives
• To review literature on the cyber security risks of remote working
• To Conduct small scale research, gathering data on malware attacks in remote working
• To Present the finding on malware attack in remote working drawing meaningful
conclusion found from the findings
• To Reflect the values gained from project and whether its useful to organizational
performance
Why cyber security risk of remote working is no friend to business organizations ................. 2
1.1 Background .......................................................................................................................... 2
1.2 Problem statement ................................................................................................................ 3
1.3 Aims ..................................................................................................................................... 3
1.4 Objectives ............................................................................................................................ 3
1.5 Scope of study ...................................................................................................................... 4
1.6 Project Budget ...................................................................................................................... 4
1.7 Project Schedule................................................................................................................... 5
1.8 Research questions ............................................................................................................... 6
2.0 Literature review .................................................................................................................. 6
2.1 Introduction .......................................................................................................................... 6
2.2 Case study ............................................................................................................................ 7
2.2 Impact of ransomware attacks on remote working organizations ..................................... 10
2.3 Measures taken to prevent ransomware attacks ................................................................. 11
2.4 Problems with the existing measures ................................................................................. 11
3.0 Chapter 3 ............................................................................................................................ 13
3.1 Data needed to be collected in relation to ransomware attacks in remote working ........... 13
3.2 How the data will be collected ........................................................................................... 13
3.3 The sample size and the method of the research................................................................ 13
3.4 Questionnaire ................................................................................................................... 13
3.5 Analysis of the results from the questionnaires ................................................................. 16
4.0 Chapter 4 ............................................................................................................................ 18
4.1 Research findings ............................................................................................................... 18
4.2 Research limitations ........................................................................................................... 18
4.3 Conclusion and recommendation ....................................................................................... 19
References ................................................................................................................................ 21
Learning outcome 4 (performance review).............................................................................. 22
,Why cyber security risk of remote working is no friend to business organizations
1.1 Background
According to (Furnell, 2020) remote working is by no means a new concept. However, it is no
context in which security has been given the priority it requires. Examining the situation back
in 2006 revealed some drawbacks in terms of user awareness and safeguard in remote working.
The question is whether a decade later things concerning the situation which has forced work
to be done remotely. An example is on 16 March, a week before lockdown, UK had only 15%
of employees working remotely. However, the figures rose to 38% by 13 April. This shows
how remote working has been embraced by many workforces.
(Bernardi Pranggono, 2020) suggests that the rise of teleworking in the pandemic situation has
become an open invitation for scammers using cyber security threats such as phishing to attack
victims such as government, tax authorities and even private business firms. A report from the
World Economic Forum (WEF) highlights phishing and hacking as the new norm after the
virus attacks have been reduced. These scams are even more effective during the pandemic. As
cyber criminals are more aware of this, it is much easier for them to create fake messages or
website to replicate the familiar authorities, this has become a global concern due to the state
of handling such situation is vulnerable.
Many businesses make mistake of not addressing the security measures and solution to prevent
employees making a mistake that would lead to a possibility of a cyber-attack. Experts also
agree careless employees, consultants, vendors, and other stakeholders can be a danger to the
organization’s cyber security as the hackers from the outside. 90% of successful hack attacks
are due to human error especially from the employer’s mistake. Therefore, Employees must
learn routine security practices while remote working.
In conclusion, these means that organizations that do not have the infrastructure or policies to
protects them against cyber-attacks must be more prepared than ever. To avoid these attacks
when working remotely organization should, protect business data, secure remote networks,
empower employees and plan on dealing with an attack situation.
, 1.2 Problem statement
Although two-step password verification and VPNs have been implemented by many
businesses working from home, many minor threat protection steps are not taken seriously as
they would have been taken in a workplace. Teleworkers are sending suspicious emails,
attachments or even invitation links to the IT department claiming to send reports. (Borkovich,
2020). Malware attacks, especially ransomware, has increased during the remote working
period.
This shows that Human error is the primary threat when it comes to boosting the chance of a
cyber-attack. According to (Malecki, 2020) cyber criminals are exploiting the situation of
remote working and launching ransomware attacks on unprotected or unprepared business
organization. According to the source, From February to April 2020, malware-attacks,
especially ransomware attacks have increased by 283%. The bigger risk of this is that
ransomware can encrypt even back-ups.
To overcome this, companies are now testing their back-up systems regularly. Unfortunately,
as shown in StorageCraft’s research (Malecki, 2020), shows that 68% of organization believe
that they have effective measures to recover against ransomware attacks. However, only 46%
or less of the organization test their systems once a year. While having backups is important,
having to be able to recover all the data is critical for the business.
1.3 Aims
The aim of the research is to explore potential risks of malware particularly ransomware attacks
faced while working remotely. This will help with appropriate solution to solve the current
issue or how to improve the current measures taken by the organization to counter the problems.
1.4 Objectives
• To review literature on the cyber security risks of remote working
• To Conduct small scale research, gathering data on malware attacks in remote working
• To Present the finding on malware attack in remote working drawing meaningful
conclusion found from the findings
• To Reflect the values gained from project and whether its useful to organizational
performance
