3 minute read

SIZING UP THE THREAT LANDSCAPE

Derek Manky, Chief -Security Insights and Global Threat Alliances, Fortinet discusses how the threat landscape is evolving and getting more sophisticated

Please discuss how the landscape of network security has changed in the era of cloud and IoT? is there a perimeter anymore or is it redefined?

Advertisement

Perimeter security is still required, as we see many external attacks happening to public addressed space as well as malicious egress traffic from within organizations and distributed enterprise. However, ISFW (internal segmentation firewalls) and other technology such as Network Access Control have risen in the era of cloud and IoT. We see in our top 10 threats daily now threats impacting mobile (Android specifically) and many IoT devices, as they are targeted as ‘spring boards’ to infect and move laterally within networks.

Discuss how the rollout of 5G has broadened security concerns?

5G creates quick communication and will undoubtedly widen the attack surface, meaning more devices – and more security holes – will exist for attack. Because 5G operates at high speed, threats such as worms (think Ransomware) can spread very fast and this is a large security concern. Potentially advanced threats that haven’t fully risen yet, such as swarm botnets and attacks, are on the horizon.

Elaborate how the security challenges need to be handled as traditional OT systems such as in manufacturing are integrated using IoT gateways into the IT network?

OT is the next, largest attack surface that we are facing. Yes, they are integrated through various gateways including WiFi, IoT, VPN, etc. The challenge is the nature of OT is Cyber Physical, meaning that as it is directly connected to our physical world the risk of any breach or denial of service is much greater. We have seen this in terms of attacks last year on OT, specifically targeted ransom that has cost some business in excess of $40M USD in damages. Therefore a resilient security strategy is required – from proactive security to incident response planning, and cyber hygiene training. These numbers I expect to continue to rise next year.

With more Businesses looking for setting up ecommerce sites in the face of covid-19, what primary security challenges should these websites address for making themselves more secure?

Think of using hosted cloud services that have security stacks with trusted partners built within them. This makes it easy to set up and tear down sites that will have security controls already built in such as Web Application Firewall, etc to guard against traditional attacks. Always keep in mind security practices of the hosting provider, such as patch management since we see many attacks on Apache Struts for example.

How do you see the threat of ransomware playing out in near future?

With all our energy of the past several weeks focused on adapting to the global crisis, security may have taken a back seat. But cybercriminals haven’t forgotten. Networks have been turned inside out, and they have been very actively targeting remote workers that used to be protected by the network perimeter with fake COVID-related material and other social networking attacks. And they have been probing

Derek Manky Chief -Security Insights and Global Threat Alliances, Fortinet

these new network environments for vulnerabilities in the hopes that may have been pulled together too quickly to have implemented adequate security protections and controls. — By Diksha Vohra

FortiGuard Labs has been actively monitoring the threat landscape during this time, and we have seen a significant increase in threats targeting individuals through phishing and infected websites. Email attachments contain infected and malicious content, which explains why we recorded a 131% increase in viruses during March of this year. It also explains why we have seen a reduction in traditional attacks as cybercriminals shift focus. Incidents of ransomware are likely to rise as cybercriminals look to use compromised end user devices as a conduit back into a core network that may not be being watched as carefully as it once was.

This article is from: