The shift from traditional offices to hybrid and remote working models has forever altered the cyber security landscape for organisations. Whilst flexible working brings with it many benefits, it also increases the potential attack surface for cybercriminals to exploit.

Around one in four UK SMEs now view remote working as a key cybersecurity risk, according to a study by Markel Direct. Perhaps of even greater concern is that only 48% provide training on secure remote practices, and only 46% enforce any formal access controls or policies, leaving many organisations vulnerable to attack [1]. Alarmingly, almost half of SMEs also reported not knowing what to do in the event of a cyberattack [2].

Increased Vulnerabilities Outside of the Office

Hybrid working has introduced a myriad of risks. Home network setups often lack enterprise-level defences such as firewalls, intrusion prevention systems, or standardised security settings. Even worse, workers may use insecure public networks. Workers frequently rely on personal devices which may have outdated software or no antivirus protection, heightening the risk of malware or ransomware infections [3]. Remote access from dispersed locations can undermine traditional perimeter security models, making least privilege frameworks ever more essential [4].

With reduced oversight, insider threats also become more difficult to detect. Staff may inadvertently expose sensitive data, for example by saving files to personal cloud services or emailing confidential documents to home accounts. Meanwhile, credential sharing remains a major factor in breaches – up to 81% of hacking-related incidents are enabled by stolen or shared passwords [5].

One stark example is the downfall of KNP Logistics Group, a 158-year-old UK transport company. The firm collapsed after a ransomware attack triggered by a single weak password, resulting in over 700 job losses. It’s a sobering reminder that inadequate password practices can bring down even long-established businesses.

In a recent, very high-profile cyber incident, Marks and Spencer suffered a ransomware attack affecting their online services, as a result of which they reportedly lost nearly £700m [6]. M&S had previously warned of the risks presented by hybrid working in their annual report, and the incident highlights the challenges of remote access for remote staff [7].

The Dangers of Phishing

Phishing is possibly the greatest threat to an organisation’s cybersecurity, and remote workers are particularly vulnerable. Without direct peer support, they can find it hard to verify suspicious emails. Remote workers rely far more on digital communications, and their security practices are often less consistent than those of office staff, increasing the risk posed by phishing attacks [8].

There have even been incidents where attackers have successfully impersonated IT support in order to gain access to corporate systems. Sophos reported earlier this year that hacker groups had been flooding inboxes with spam emails, before messaging the users on Teams posing as the organisation’s IT support. They would then get their victim to accept a remote screen control session over Teams or Microsoft Quick Assist, which the attacker would use to deploy malware onto the victim’s device [9]. Targeted incidents like this highlight the need for organisations to monitor and restrict Teams usage from unknown individuals.
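
The sequence described above (mail flood, then a Teams message from outside the organisation, then a remote control session) can be turned into a simple correlation rule. The following is an added example, not code from this article or from Sophos; the event kinds and field names are assumptions standing in for whatever your mail gateway, Teams audit log and endpoint tooling actually record, and the sample events are constructed.

```python
from datetime import datetime, timedelta

def find_fake_support_chains(events, burst_size=20,
                             burst_window=timedelta(minutes=10),
                             follow_window=timedelta(hours=1)):
    """Return (user, chat_time, session_time) for users whose events show an
    inbound email burst, then an external Teams chat, then a remote session."""
    by_user = {}
    for e in sorted(events, key=lambda e: e["ts"]):
        by_user.setdefault(e["user"], []).append(e)
    hits = []
    for user, evs in by_user.items():
        mails = [e["ts"] for e in evs if e["kind"] == "email_in"]
        # Times at which burst_size mails had arrived inside burst_window.
        bursts = [mails[i + burst_size - 1]
                  for i in range(len(mails) - burst_size + 1)
                  if mails[i + burst_size - 1] - mails[i] <= burst_window]
        chats = [e["ts"] for e in evs if e["kind"] == "teams_external_chat"]
        sessions = [e["ts"] for e in evs if e["kind"] == "remote_session_start"]
        for chat in chats:
            if not any(b <= chat <= b + follow_window for b in bursts):
                continue  # external chat without a preceding mail flood
            session = next((s for s in sessions
                            if chat <= s <= chat + follow_window), None)
            if session is not None:
                hits.append((user, chat, session))
                break  # one alert per user is enough
    return hits

# Constructed sample events (not real telemetry), offsets in seconds from BASE.
BASE = datetime(2025, 1, 15, 9, 0)
def _ev(user, kind, secs):
    return {"user": user, "kind": kind, "ts": BASE + timedelta(seconds=secs)}

SAMPLE = (
    [_ev("alice", "email_in", 10 * i) for i in range(25)]        # mail flood
    + [_ev("alice", "teams_external_chat", 720),                 # "IT support"
       _ev("alice", "remote_session_start", 1200)]               # Quick Assist
    + [_ev("bob", "email_in", 10 * i) for i in range(25)]        # flood only
    + [_ev("bob", "remote_session_start", 1800)]
    + [_ev("carol", "email_in", 600 * i) for i in range(3)]      # normal mail
    + [_ev("carol", "teams_external_chat", 900),
       _ev("carol", "remote_session_start", 1000)]
)

if __name__ == "__main__":
    for user, chat, session in find_fake_support_chains(SAMPLE):
        print(f"ALERT {user}: external chat {chat}, remote session {session}")
```

Only the user showing all three stages in order is flagged; a mail flood on its own, or an external chat followed by a remote session without a preceding flood, does not raise an alert under this rule.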

Building a Resilient Remote Culture

With the increasing use of remote working, it is important for organisations to consider implementing more robust controls to protect against cyberattacks:

  • Enforce Multi-Factor Authentication (MFA) on all access points to make unauthorised logins far more difficult.
  • Implement the principle of least privilege by granting users only the access required for their role, and continuously verify identity.
  • Use Endpoint Detection and Response (EDR) or Managed Detection and Response (MDR) to monitor activity across distributed devices.
  • Provide regular, mandatory staff training on basic cybersecurity, run phishing simulations, and give staff clear escalation channels to report suspected phishing attempts.

How AJC Can Help

AJC works with organisations of all sizes to strengthen cyber resilience across remote and hybrid teams. Our consultants can support you with remote access assessments, phishing prevention, policy development and incident response planning. If you’d like to review your remote working risks or build a more secure hybrid model, get in touch.

Contact us on 020 7101 4861 or email us at info@ajollyconsulting.co.uk if you think we can help.

Sources:

  1. https://www.markeluk.com/cyberscape
  2. https://hrreview.co.uk/hr-news/l-d-news/1-in-4-smes-say-remote-working-is-cybersecurity-concern/377833
  3. https://www.ictsolutions.co.uk/hybrid-working-and-the-impact-on-your-companys-cyber-security
  4. https://f5consultants.co.uk/hybrid-working-cybersecurity/
  5. https://www.enzoic.com/blog/8-stats-on-password-reuse/
  6. https://www.forthtech.co.uk/marks-spencer-cyberattack-highlights-growing-cybersecurity-risks-for-retailers/
  7. https://www.thetimes.com/business-money/companies/article/m-and-s-cyberattack-wipes-715m-from-value-of-shares-dvn7tgh3h
  8. https://techcare.co.uk/article/cybersecurity-risks-to-remote-working
  9. https://cyberscoop.com/ransomware-groups-pose-as-fake-tech-support-over-teams/

Image accreditation: Sigmund (March 2021) from Unsplash.com. Last accessed on 21st July 2025.
