TITLE:
A New Cyber Risk: How Teens Expose Corporations in WFH Era
AUTHORS:
Zahm Siyed
KEYWORDS:
Cybersecurity, Remote Work, Teens, Vulnerabilities, VPN, Corporate Risk
JOURNAL NAME:
Journal of Information Security,
Vol.14 No.4,
October
16,
2023
ABSTRACT: We analyze the risks associated with teenagers’ online activities and the potential migration of
cyber threats originating from teenagers to their parents’ work-from-home (WFH) devices, even when defensive
measures such as VPN are employed. Furthermore, we examine the serious
implications these risks have on corporate security. Of particular concern, parents who work with confidential corporate information, such as financial
projections or product roadmaps, might find that their kids are targeted by
hackers who seek an easier entry-point to home networks and eventually WFH
devices. This paper is timely since there is a rising trend of hybrid work in
white-collar
professions, mixing traditional in-office work with WFH. The latter is
increasingly done in split shifts, including work performed before breakfast or
after dinner. While this shift offers numerous workforce advantages and helps
teen-parent bonding, it also introduces a plethora of cybersecurity risks,
especially when these devices and networks are shared with teenagers on home
networks. We did a structured survey of 62 teens which confirms that risky
online activity abounds, so the threat of risk migration onto corporate networks should not be
ignored. We perform a migration risk assessment and identify which teen-origin
risks are most likely to contaminate parents’ WFH devices. We evaluate 20 attack vectors and
generate 60 risk ratings. We classify 29 as high risk, 8 as medium risk, 13 as
low risk, and 10 as not relevant. We offer recommendations to mitigate this new
set of cyber risks.