As COVID-19 gets more people working from home, cybercriminals zoom in

SHARRON MCPHERSON - 25 September 2020

The COVID-19 pandemic is accelerating digital trends to change our very notions of work and office. This presents both opportunities and threats – particularly when it comes to cybersecurity – and both companies and their employees will need to adapt.

At the end of August Elon Musk updated the world on his newest venture Neuralink – a “fitbit” or implant for the brain designed to facilitate brain-to-machine and eventually – brain-to-brain – interfaces. Science fiction is becoming science fact in our lifetime. And while these extreme scenarios are still some way off, anyone who has had the challenge of working from home whilst trying to home-school children during the lockdown would likely agree that if such a brain-to-machine interface was available today, they would gladly connect themselves (and their children) and be done with it.

The truth is our relationship with technology is always advancing and the COVID-19 pandemic has accelerated the velocity of change to “warp speed”. One of the side effects of this has been a sudden case of “work-from-home” whiplash as the traditionally distinct worlds of office and home have collided. There have been headaches aplenty in the past few months as a result, but humans are nothing if not adaptable and we are all growing increasingly comfortable with this collision. In part, perhaps, this is because we were already heading in that direction before the pandemic struck.

Work and ‘the office’ part ways

While COVID-19 has precipitated new work-from-home (WFH) models, our ideas of work and office were already evolving before the coronavirus pandemic.

Notions of ‘work’ and ‘office’ have been undergoing change since these ideas evolved during the second and third Industrial Revolutions. They were once distinct concepts – the former a verb (labouring), the latter a noun (the place you went to do your labour). Over time, however, we began to use them interchangeably: you could say you were “going to work” or “going to the office”, and it would mean the same thing.

In more recent times, we’ve been trying to untangle the two whilst simultaneously dealing with an evolving notion of work itself. Not just as the result of the advent of mobile technology and the ebbing stature of manufacturing. Work, especially of the white-collar type, is performed by more diverse employees than ever before. At the same time, change was being driven by ecological and social factors such as people wanting more balance between work and their personal lives.

The pandemic has undoubtedly sped things up and the results of the “experiment” are mixed. Early results indicate that the number of working hours and productivity have increased. But so too have the number of individual meetings and hours spent staring at a computer screen. By April, Zoom usage had jumped to 300 million meeting participants per day, up from a ‘mere’ 10 million per day in December, with Microsoft Teams also noting exponential spikes in users.

It is likely that we will never completely go back to what existed before. Estimates vary per country and context, but the International Labour Organisation thinks that some 27% of jobs in high-income countries could be performed from home in the future, compared to 12% in low-income countries and 10% in lower-middle-income countries. And polls suggest that increased WFH will become a feature of the immediate post-COVID world.

Protecting employees and data in the WFH world

A significant downside of this rapid – and likely permanent – shift to remote working has been the rise in cybercrime. Spotting a window of opportunity as work moved beyond the radius of a controlled environment of the office, to homes where employees literally had to fall back on their own, relatively unprotected, devices, cybercriminals pounced. Interpol has reported a marked rise in the duping of users with links to fake COVID-related sites and phishing messages about COVID-19. The World Economic Forum (WEF) described COVID-19 as “a boon for cybercriminals and fraudsters”.

Traditionally it’s been banking and financial services that have been the primary target of cybercriminals, in part because they are already far advanced on their journey to digital transformation. It’s estimated that cybercrime costs the financial sector approximately R2.2 billion every year. And it’s widely believed that this number is a conservative, underreported one.

But now, other data-rich sectors may be at risk as well. Consider the education sector where COVID-19 has injected momentum into the move to online teaching and blended learning. Hackers are already targeting educational systems and databases and, in many instances, are preventing students from accessing online learning materials. The health sector is also an increasing target. Since the start of the pandemic, WHO has seen a dramatic increase in the number of cyber attacks directed at its staff, and email scams targeting the public at large.

Greater digitisation means that most private- and public-sector organisations (government included) will have to invest more in securing access to information and data. Additionally, companies will have to invest in making certain that employees working from home are educated in cybersecurity measures such as home WiFi security issues, how to avoid phishing scams, increasing password protections, and securing access to physical devices. Likewise, students who are increasingly being forced to learn online will require educating and protection from cybercriminals.

This effort will also need reinforcement through the legal system. In South Africa, for example, the Cybercrime Bill is winding its way through the system and will hopefully provide stronger enforcement mechanisms to prevent and prosecute these crimes.

A tall order

Of course, in South Africa, where millions of South Africans can’t access the internet – or even a stable supply of electricity – the issue of cybercrime may seem a distant concern. We are a complex country with deeply rooted inequalities that will continue to exacerbate the impact of the pandemic on both employers and employees. If anything, COVID-19 has revealed the need to address the societal ills that impact our ability to overcome the technological challenges we’re facing, at the same time as we attempt to evolve and embrace the changing notions of work and office. This is a tall order and it will require courage, tenacity and capability – from all of us. The country will need to work together to rise to this challenge.

Dr Sharron McPherson is an adjunct senior lecturer at the UCT GSB and co-founder of the Johannesburg-based Centre for Disruptive Technologies. This article originally appeared in Daily Maverick

Leadership | Tech | Strategy

MORE ON COVID-19

MORE ON THIS TOPIC