Given enough time, employees – especially those working remotely – will click on a link to a potentially dangerous website. But how much time? According to recent data, less than an hour.
Employees access 8.5 risky URLs per day, or 59 per week, according to NetMotion researchers. That would be more than once per hour in an eight-hour workday.
Amid work-from-home orders associated with the pandemic, NetMotion wanted to answer one question: do workers pose a greater cybersecurity risk at home than at the office?
The firm recently aggregated anonymized network traffic data from May 30 to June 24, seeking evidence of users attempting to access risky content, like URLs that would be blocked by firewalls and other corporate security tools that monitor internal network traffic.
The analysis revealed that employees clicked on 76,440 links that took them to potentially dangerous websites, all visited on work-assigned devices while using either home or public Wi-Fi or a cellular network connection.
The data also revealed the most common types of high-risk URLs encountered. In order of prevalence, these were: botnets, malware sites, spam and adware, and phishing and fraud sites. Many, if not most, of these remote workers would have been prevented from accessing this risky content had they been connected to protected internal (non-public) networks.
Researchers caution that many organizations have no visibility into activity taking place on external networks, let alone the means to prevent it.
Other key findings include:
- Employees, on average, encounter 8.5 risky URLs per day, or 59 per week
- Remote workers also access around 31 malware sites per month, and 10 phishing domains
- Almost 1 in 5 risky links led to sites containing spam, adware or malware
- Phishing and fraud, which garner an outsized proportion of news, account for only 4% of URLs visited
One explanation for that last finding could be that, although phishing ranks low among risky websites, it takes just one unwary employee to follow through with the devious content inside a phishing email. Lest we forget, phishing, whaling and business email compromise (BEC) campaigns remain highly successful in gaining an initial foothold in an infrastructure.