Intelligent CIO North America Issue 08 | Page 10


Pandemic IT security survey exposes critical gap

about cybersecurity risks during COVID-19 than they were before the pandemic – as perimeter-based security is no longer possible so device infrastructure becomes even more vulnerable .
Worryingly , less than half ( 49 %) of respondents said their organization ’ s cybersecurity has strengthened since the start of the pandemic .
Employees are mostly concerned about how this could impact their data privacy as 54 % of respondents indicated that the biggest cybersecurity concern they have is their personal data being compromised .

Lynx Software has announced the results of its pandemic cybersecurity survey designed to capture US employees ’ sentiment toward how seriously companies have taken cybersecurity since the start of COVID-19 .

Companies have not done enough to prevent heightened security risk in light of remote working , as nearly four in 10 ( 36 %) respondents have been , or know someone who has been , impacted by a cybersecurity attack since the start of COVID-19 .
Lynx ’ s survey findings of 1,000 working Americans indicates that a large majority of respondents ( 69 %) are more concerned
“ Organizations of all types need to prioritize finding ways to secure end-points for their employees ’ devices , whether they are on laptops , Edge servers or anything between , especially in the remote , zerotrust environment we are living in ,” said Arun Subbarao , Vice President of Engineering and Technology at Lynx Software .

Verkada is victim of security camera hack

Security company Verkada is reported to have been the victim of a hack of up to 150,000 security cameras . The attack targeted a Jenkins server used by its support team to perform bulk maintenance operations on customer cameras , such as adjusting camera image settings upon customer request . The attackers gained access to this server on March 7 2021 and maintained access until March 9 2021 .

In gaining access to the server , the attackers obtained credentials that allowed them to bypass the authorization system , including two-factor authentication . A statement from Verkada confirmed that attackers had obtained the following :
• Video and image data from a limited number of cameras
• A list of client account administrators , including names and email addresses
• A list of Verkada sales orders
Max Heinemeyer , Director of Threat Hunting at Darktrace , said : “ This attack serves as yet another reminder that complex digital supply chains are a hacker ’ s paradise .”
Candid Wüest , VP Cybersecurity Research at Acronis , said : “ Verada must secure the configuration , restrict access where it must be restricted , remove default accounts and use strong passwords .
“ They also have to update systems frequently , monitor access logs and separate devices from the rest of the network whenever possible .”
10 INTELLIGENTCIO NORTH AMERICA www . intelligentcio . com