The Overlooked Cyber Risk of Employees Returning to the Offices from Quarantine

The Overlooked Cyber Risk of Employees Returning to the Offices from Quarantine

The COVID-19 pandemic has created many challenges for businesses. Employees have been tasked with working remotely from home, in addition to making sure their connection is secure. However, as the quarantine slowly ends, employees are beginning to return to the work offices. Unfortunately, there may be something malicious waiting for them on their devices at their workplace.  

Dormant Cybercriminals and Malware  

Malicious actors and cybercriminals have largely exploited the COVID-19 pandemic to attack networks and users. Specifically, there has been a sharp increase in coronavirus email phishing scams. Such phishing emails may contain malicious links or attachments which may steal personal information or infect your computer with malware. Considering this, it would not be a surprise to see fraudsters exploit the shift back to the workplace.  

Employees returning to the office post-lockdown will connect back to corporate networks. Cybercriminals who have already cleverly made their way onto employee devices through phishing attacks for example, are now waiting to connect to the corporate networks and wreak havoc. This way, attackers are able to move through the network and cause more serious damage such as deploying ransomware. 

During the pandemic, there has also been a rise in malspam campaigns distributing malware such as Emotet and Trickbot. Emotet is a malware used to steal information from businesses and individuals. It is sent through phishing emails that contain malicious Microsoft Word documents. Trickbot is a trojan malware that is used by malicious individuals to steal data and deploy ransomware as well. These threats can be difficult to detect without strong endpoint visibility across employee devices. Businesses may have struggled with this during the pandemic, as employees rushed to configure their remote work setting from home without thorough planning. 

Lack of security configuration is also another factor that has impacted employees working from home. Employees may not have been able to update their work computers or include any necessary security patches during the quarantine. This has added on to the risk of attackers breaching out-of-date and unprotected devices. Connecting these devices back to the corporate network will allow for the attacker who has been waiting to finally strike.  

Cybersecurity Tips for Returning to the Office 

Now that employees are slowly returning to the offices, it’s important to consider some cybersecurity measures when reopening. Conducting fresh staff awareness training is important as organizations must remind employees of their security obligations in the workplace. This is vital, considering the new threats emerging as a result of their return to the workplace.   

Another significant tip to keep in mind is scanning and updating employees’ laptops. Organizations may have provided employees with laptops to work from home during the lockdown. However, these devices may not have undergone necessary operating system updates, thus leaving them with vulnerabilities that attackers could exploit. Make sure to first scan and install updates on these devices before putting them back to use in the office. 

Another IT issue to take note of is to reboot inactive infrastructure that has been sitting dormant during the quarantine. Prolonged inactivity may result in unpatched vulnerabilities or other issues. Testing your systems before putting them back to work can ensure they are ready without any issues present.       


If you think your company is vulnerable to threats and risks, contact LIFARS today for Vulnerability Management.