Complex Made Simple

Increased cyberattacks point to countermeasure failures: The latest stats here

When COVID-19 emerged and rapidly spread, substantial cybersecurity risks presented themselves, and many organizations were not adequately prepared. If you're one of them, you need to read this

Automation must become a core principle of cybersecurity defense Over 40% of large enterprises significantly cut IT budgets and about 20% cut their security spending The World Health Organization has reported a fivefold increase in cyber-offenses on its systems since March

When COVID-19 emerged and rapidly spread, substantial cybersecurity risks presented themselves, and many organizations were not adequately prepared.

Haider Pasha, Chief Security Officer, Middle East and Africa (MEA) at Palo Alto Networks said that working remotely exposed many organizations’ cybersecurity vulnerabilities. 

“Employees, partners, suppliers, and customers all will need connections to digital assets—applications, data, and services—that are even more secure than today,” Pasha added.

Read: Remote work cyber protection lacking: GCC region under attack

Security gaps exploited  

Pasha said that cloud services are now a prerequisite for operational agility and for business continuity, but only if cloud connections are safe, secure, compliant, and aligned with data governance policies.  

“And just because your legacy cybersecurity defenses worked adequately in the past, you should not assume they will continue to stand up to new threats in the future,” Pasha assured.  

According to Pasha, intelligence gathering is not enough. He added that security operations centers, risk management professionals, data governance experts, and business leaders throughout the organization need to identify the context of data in order to use those powerful analytics tools to help make smarter decisions on risk. 

“Automation must become a core principle of cybersecurity defense,” Pasha concluded.  

Acronis, a global leader in cyber protection, released the Acronis Cyber Readiness Report and found that 92% of companies adopted new technologies to enable remote work, including workplace collaboration tools, privacy solutions, and endpoint cybersecurity. 

The challenge for organizations is managing the protection of data across the company network and all of those new devices. 

Gregory Garnier, Partner at Bain & Company Middle East, and Syed Ali, Expert Partner at Bain & Company Houston, said that in the US approximately 70% of the companies rolled out work-from-home (WFH) for their employees. 

This included increasing network connectivity to allow more people to connect simultaneously, shifting select workloads to the cloud to make access easier and faster, adopting new collaboration and productivity solutions like Zoom and Slack, and deploying devices like laptops along with other peripherals.  

Research by Bain & Company in Q4 of 2019 found that company executives overestimated the effectiveness of their cybersecurity. Over 40% of large enterprises made moderate to significant reductions in IT budgets and about 20% cut their security spending.  

Attempts at intellectual property theft, particularly since late January 2020, targeted companies across industries in the US, UK, Canada, and parts of the European Union and the Middle East.  

“A multidisciplinary task force is the most effective way to tackle WFH threats and improve resilience during the pandemic,” the Bain & Co. experts believed. 

The task force should begin by characterizing groups of remote workers and partners based on their business role and level of access. High-risk groups, like the top leadership who perform mission-critical functions or employees that have the deepest system access such as DevOps teams, system administrators, and application developers, need a robust complement of security.

Read: The latest course, security tips, and cyber awareness on working from home

Where the criminal activity takes place

Tomorrow Unlocked, the online magazine for technology culture created by Kaspersky, has released a two-part documentary ‘hacker: HUNTER that examines how cybercriminals and state-sponsored hackers are attacking the healthcare system.   

The World Health Organization has reported a fivefold increase in cyber-offenses on its systems since March.

State-sponsored hackers are locked in a battle for biodata, and cybercriminals know that hospitals may be more willing than usual to pay a ransom. In March, the Czech Republic’s Brno University Hospital, responsible for running a big share of the country’s COVID-19 testing, was held to ransom and forced to shut down its IT network at a critical time of need.

Also, over the first six months of 2020, attacks in the oil & gas and building automation industries increased when compared to H1 and H2 2019.  

The goals may not just be financial gain but also cyberespionage.

The percentage of industrial control system (ICS) computers on which malicious objects were blocked grew from 38% in H2 2019 to 39.9% in H1 2020 in the building automation industry and from 36.3% to 37.8% in the oil & gas industry.

Percentage of ICS computers on which malicious objects were blocked in selected industries

The growth in the percent of ICS computers attacked in the oil & gas industry can be traced back to the development of a variety of worms and from the end of March to mid-June 2020, a large number of these worms were detected, primarily in China and the Middle East. 

Attackers appeared to shift their focus from mass attacks to distributing more focused and targeted threats, including backdoors, spyware, and ransomware attacks. A series of attacks were witnessed against medical facilities and industrial companies.

An Acronis survey found that 39% of the companies experienced a videoconferencing attack in the past three months. Cisco recently revealed a vulnerability in its Webex app that could allow attackers to open, read, and steal potentially valuable or damaging content. 

Malware attacks increased during the pandemic, with 31% of companies reporting daily cyberattacks and half (50%) being targeted at least once a week, including in July when a leading manufacturer of GPS technologies allegedly paid $10 million in a WastedLocker ransomware attack. 

Phishing attacks are occurring at historic levels, which is not surprising since the report found that only 2% of companies consider URL filtering when evaluating a cybersecurity solution. Approximately 10% of users clicked on malicious websites in May, June, and July.