by Twitter ( TWTR ) The trick was certainly not a good look. CEO Jack Dorsey apologized for it in the company's earnings call last week, saying, "Last week was a really tough week for all of us on Twitter, and we felt terrible about the security incident."

For other companies, the attack could serve as a reminder that even at a time when there is much more to worry about (such as the economic recession and the ongoing pandemic), cybersecurity threats remain a problem. Now it may be truer than usual: Experts say having many people working from home presents unique security risks, especially given that many companies transitioned almost overnight.

"The way it happened (the transition to remote work), instantly, there was no warning, and all of a sudden people were just told 'don't go back to work tomorrow'," said Anu Bourgeois, professor Associate of Computer Science at Georgia State University. "Everyone became vulnerable at that point."

Remote work security risks

Only about 29% of workers had the option to work from home from 2017 to 2018, based on the most recent data available from the Bureau of Labor Statistics.

When the coronavirus hit the United States, employers had to fight to get a large percentage of the country's workforce to switch to remote work for the first time, a massive task that may have involved cutting corners when it came to security.

There are several ways that companies could have gone during the transition. In the rush to keep employees safe but still maintain their workflow, companies could have either handed out laptops that aren't equipped with the proper security software, or asked them to use their own personal devices for work, Bourgeois said.

That problem likely increased for employees and families who can't afford multiple devices, and suddenly found themselves working from home while the children attended school remotely.

"They are having to juggle different people using that device," said Bourgeois. "While you're only one person at work, your kids may have to use the device you use for work at school or entertainment. You have the vulnerability of different people on your machine."

Companies that were used to Employees are likely to work only outside the office to develop new "access controls." While workers were only able to access their company's servers and data from the office, they may now have to log into a virtual private network (VPN) or other portal to securely access the information needed to do their jobs. .

Implementing appropriate cybersecurity protocols for a remote workforce, "especially for a large-scale company, is going to be time consuming and difficult to do," said Bourgeois.

He added that even with existing security software, companies could still have problems. Some security systems track employee habits, such as normal days, times, and the length of time they typically access company systems, to identify potential hackers. But these systems can be confused with changes in people's work habits during the pandemic, and therefore may be less likely to detect violations.

It is unclear whether the hacking of Twitter had anything to do with the remote work policies the company implemented in response to the pandemic.

Former Twitter employees who examined the incident acknowledged that it is a possibility, but there is no evidence that Twitter has relaxed their security to accommodate work from home. Twitter declined to comment on its remote work policies.

Twitter said the rape was the result of a coordinated "social engineering" attack targeting workers who had administrative privileges, with the aim of taking control of the accounts.

Experts say social engineering can also It's easier when people work from home, where they can be distracted or let their guard down.

"There are people struggling, in a different environment, and that mindset is not the same when working from home in front of the office," said Bourgeois. "Many people are juggling their children and they are distracted and may be trying to quickly get past whatever task they need to do. (They) may not be as responsive to pursuing these social engineering tactics as phishing emails or phone calls. telephone ". "

Some have also warned that hackers may try to exploit people's fear of the coronavirus in an attempt to carry out hacks or phishing attempts.

"As the world's anxiety about the coronavirus continues to increase, the likelihood that more cautious digital citizens will click on a suspicious link is much higher," the Electronic Frontier Foundation wrote in a blog post in March.

The EFF has warned people looking for suspicious messages promising coronavirus-related information or offers, especially those that sound too good to be true, as an offer to send personal information in exchange for a free coronavirus vaccine.

For companies looking to avoid being the next target of an attack, in addition to implementing antivirus software and two-factor authentication, "the most important thing is education," according to Bourgeois.

"Unless your employees are well versed in all of these different types of attacks and what to be aware of, no matter what else you do, that person is vulnerable. Educating the workforce is key," said Bourgeois.

– CNN's Brian Fung contributed to this report.