4 minute read
WHAT LIES IN THE SHADOWS
HAIDER PASHA, SENIOR DIRECTOR AND CHIEF SECURITY OFFICER AT PALO ALTO NETWORKS, MIDDLE EAST AND AFRICA (MEA), ON CYBERSECURITY AND DARKNET IN THE REGION.
In your opinion, what are the biggest issues facing cybersecurity in the GCC?
Advertisement
The high volume of attacks is one of the main issues, and while we live in an era of rapid digital transformation, cybersecurity attacks are rising at organisations of all sizes and industries. In many cases, we have witnessed that cyber attackers are merely looking at pulling down IT systems without even having a financial gain.
At Palo Alto Networks, we elevate the security state for our customers, making them more cyber resilient and prepared well in advance. We ensure all operations continue smoothly with an optimal level of security to avoid data breaches from any sort of attack. We also have a dedicated account team and system engineers for large organisations, and we work very closely with all our customers and key partners, providing them with cuttingedge security technology to prevent cyberattacks.
Are there any country-specific issues you have to deal within in the region?
There are specific country-level issues, but in general, there is less awareness within the region when it comes to the importance of cybersecurity. Attacks in the Middle East range from actual theft of data, to spam emails or phishing attempts, due to greater prevalence of malware. Companies often do not identify when an attack has taken place unless reported by a third party or client on suspicious messages. Moreover, incidents in the region have not gained the same awareness compared to more regulated countries.
A huge proportion of the region’s firms are also privately or family-owned, with no external shareholders. In these cases, cybersecurity measures are less likely to be in place as the key focus is on profitability.
Luckily, there are cybercrime laws in place which vary from countries; with the UAE having one of the most effective laws in the GCC region, introduced in 2006.
How do these issues differ (or align) with the issues faced in terms of cybersecurity worldwide?
Cybersecurity issues are present in all markets in more or less the same way. With the Middle East developing into one of the world’s most technologically advanced regions, there are many new and greater risks involved. Moreover, with the region’s high youth population, they might be more prone to these risks.
What basic advice would you give to individuals and companies in terms of being vigilant about cybersecurity?
As an organisation, there are various aspects of system security to take control of, including regular system updates, removal of unnecessary software and plugins to limit potential vulnerabilities and avoid the spread of malvertising, and keeping a regular watch over emails – especially if received from external sources.
Organisations must look at good quality firewalls and anti-malware and antiransomware systems for early detection and prevention of the spreading of threats. In addition, organisations must have robust authentication methods in place with strong passwords and verification questions. Here at Palo Alto Networks, we follow a zero-trust approach with a strict verification process. It is essential to have authentication solutions in place within the network, the cloud and at the end point to prevent installation and spread of any malware. The quicker the detection, the greater the ability to reduce the impact.
For individuals, the basic rule is being aware of unknown cold calls and emails; for example, one must be especially suspicious if asked to open a link or share personal financial details from an unknown source. This should be an immediate red-flag and must be sent to your IT or security department.
In the age of mobile and social media, it is also best advised to avoid downloading untrusted applications and oversharing personal and financial information on social platforms. To add further protection, use different and complex passwords for accounts and change them frequently. It is all these tiny steps that can help to avoid data breaching.
Simple web browsing can sometimes interfere with security systems as well; however, most antivirus software and end point systems can predict malicious websites and flag it.
How would you explain the darknet for beginners?
The darknet is simply keeping anonymity, it is a part of the internet that cannot be found through search engines. Largely used for illegal practices, the dark web is mostly not accessible through usual web browsers and has specific ones such as Tor Network, which provides a decentralised architecture. It offers stolen data such as credit cards, personal information and ID scans, personal credit card reports, operating accounts of online systems, email accounts, stolen credentials and malware and exploit kits, amongst many.
Overall, the markets for darknet play two roles; allowing cybercriminals to purchase tools which are then used in specific stages of the kill-chain and allowing cybercriminals to make monetary profit by selling stolen data from victims.
What challenges does the darknet pose, and how are these different from regular cybersecurity?
The main challenge of the darknet is that a large percentage of internet and online service users are unaware of these threats and the safety measures to secure personal information on their systems. The darknet is mostly not used by the general public and operates very differently from the regular internet, through systems and coding platforms most consumers are not aware of.
Therefore, it is imperative to have a better understanding of how cybercriminals within the darknet operate and the type of traded information. Palo Alto Networks provides several platforms, including the NextGeneration security platform, safely enabling applications and providing solutions to prevent both known and unknown threats across the network, cloud and endpoints.
