Attacks Will Continue to Disrupt

Next Article

CIOs Have Accelerated Their

ATTACKS WILL CONTINUE TO DISRUPT REMOTE LEARNING ACTIVITIES OVER THE COMING YEAR

Ram Narayanan, the Country Manager for Check Point Software Technologies Middle East, says that businesses should invest in educating users on how to spot and avoid potential security risks

How has the security threat landscape evolved over the past few months?

The threat landscape has been rapidly evolving with more sophisticated and targeted attacks. Among the most popular are zero-day exploits and ransomware attacks. The kind of we are experiencing are the 5th generation of cyberattacks: large scale, multi-vector, mega attacks targeting businesses, individuals, and countries. The most recent Solarwinds supply chain attack was truly unprecedented in its sophistication and scale.

The exploit showed just how insidious and damaging these ‘unknown’ threats can be, where no-one is aware of the flaw apart from the attackers who are exploiting it. The Microsoft Exchange server vulnerabilities incident is another example of a massive attack in which a group of highly skilled cybercriminals were actively exploiting four zero-day vulnerabilities in the Server which resulted in a full race amongst hackers and security professionals. We see two concurrent trends; One, cyberattacks targeting Microsoft Exchange servers were increasing sharply. Two, ransomware attacks were simultaneously rising steadily.

What sort of security challenges are

people facing when working from home and how is your company equipped to handle those challenges?

Remote work and a distributed workspace is the new working reality. This ‘new normal’ has produced several elements that influence the risk and security posture of an organization. Firstly, the attack surface has greatly increased as in businesses rushed to enable remote access, many companies allowed connectivity from unmanaged home PCs that often lacked basic cyber-hygiene such as updated software patches, anti-malware etc. With remote work as the new standard, remote employees are more prone to careless behavior and non-compliance to corporate policies. Another challenge us which arises is how cybercriminals benefit from socially engineered cyberattacks that exploit a user’s fear, uncertainty and doubt.

As employees continue to prefer to work remotely, every company now needs to rely more on each one of its employees to guard its data and critical network credentials. To deal with these challenges, organizations need to recalibrate their cyber security approach around securing their corporate networks and datacenters, cloud environments and employees wherever they are.

Our advice to businesses is to invest in educating users on how to spot and avoid potential security risks – this is the first step to preventing cyberattacks from the start. To boost that effort, Check Point Harmony is designed to help businesses protect remote employees, devices and internet connectivity from malicious attacks, while ensuring secure, remote zero-trust access at any scale to any corporate application.

How has ransomware evolved during the pandemic period and what are you doing to tackle the problem?

While ransomware has only started taking its first steps in the mobile world, it evolved fast in 2020 as malicious actors applied their experience of network ransomware to create mobile variants. Ransomware attacks may have started off simplistic and daring, but today they’ve become a business’ worst nightmare and a criminal’s cash cow. Cyber criminals know they can make money with ransomware and it’s become a largely profitable industry. Business owners who are unprepared for a ransomware attack won’t bounce back without consequence – if they bounce back at all.

For cybercriminals, ransomware is relatively easy to implement; all it takes is one employee or lax security standard, and you can hold an entire company hostage. For business owners, ransomware is devastating; it can cost upwards of millions of dollars to fully recover from an attack. To tackle this problem Check Point Software Technologies provides Anti-Ransomware solution, which defends organizations against the most sophisticated ransomware attacks, and safely recovers encrypted data, ensuring business continuity and productivity. Anti-Ransomware is offered as part of Harmony Endpoint – Check Point’s complete endpoint security solution.

How can companies overcome digital security and privacy challenges?

Modern organizations need to recalibrate their cyber security approach around three main elements: Securing their corporate networks and datacenters, securing cloud environments and lastly, securing employees – wherever they are. Achieving complete protection across the expanded attack surface, requires security solutions that deliver: complete security against Gen V, zero-day attacks; solutions that are easy to deploy and manage; and eliminate patchwork security architectures and high TCO with integration and interoperability.

Do you believe companies today have accelerated their digital transformation initiatives?

Absolutely. Digital transformation and technology trends have shaped how we live, communicate, and do business. In the last year, businesses were forced to accelerate their DX efforts to ensure business continuity, ensure efficient customer service, satisfaction and retention and pave the way for future growth. In a recent Gartner CFO survey, 74% of companies said they intend to shift employees to the distributed ecosystem permanently. As part of their DX transition, companies have adopted the cloud which offers the resources to enable business model transformation, to deliver services and solutions at a more flexible and faster pace. Organizations are becoming more agile, embracing technologies like artificial intelligence (AI), machine learning (ML), mobile and cloud computing to scale efficiency and profitability, while remaining competitive at the same time. The “new norm” workspace has expanded the organization’s perimeter as governments mandated lockdowns, organizations transitioned to employees working from home and accessing corporate resources through secure access.

What are the cybersecurity trends for 2021?

In 2021, Covid-19 will still be impacting our lives, businesses and societies, and those impacts will change as the year progresses. So, we need to be ready for a series of ‘next normals’ as we respond to those changes. Following the rush to remote working, organizations need to better secure their new distributed networks and cloud deployments to keep their applications and data protected.

Attacks will continue to disrupt remote learning activities over the coming year. We’re seeing a weaponization of fake video or audio that employ advanced technologies to create targeted content to manipulate opinions, stock prices or worse. The threat of data leakage has been amplified with contact tracing apps; mobile malware targeting users’ banking credentials and committing click-fraud on adverts is a major growing threat.

As 5G networks roll out, the numbers of connected IoT devices will massively expand – drastically increasing networks’ vulnerability to large scale, multi-vector cyber-attacks. IoT devices and their connections to networks and clouds, are still a weak link in security: it’s hard to get complete visibility of devices, and they have complex security requirements. We need a more holistic approach to IoT security, with a combination of traditional and new controls to protect these ever-growing networks across all industry and business sectors.