Complex Made Simple

Countering cybersecurity threats with detection, deflection, and monitoring technology

There will always be cyberattacks and their propensity will increase, but it’s up to corporates to detect and monitor and keep as many of them at bay with as little disruption to business as possible

As the UAE faced 6,042,459 email threats during H1 2020, organizations are ramping up their cybersecurity New COVID-19 phishing attacks include government stimulus check fraud Juniper Research estimates that online fraud losses are projected to exceed $48 billion per year by 2023

There will always be cyberattacks and their propensity will increase, but it’s up to corporates to detect and monitor and keep as many of them at bay with as little disruption to business as possible.

Working remotely and COVID-19 make it tough, but still doable. 

The latest threats

As the UAE faced 6,042,459 email threats during H1 2020, organizations are ramping up their cybersecurity with integrated threat defense, Trend Micro Incorporated, a global leader in cybersecurity solutions, announced.

During H1 2020, Trend Micro blocked 6,042,459 email threats in the UAE, about 1/7th of the wider GCC’s 41,236,550 email threats. Worldwide, of the 27.8 billion cyber-threats detected, 93% of them were email-borne.

COVID-19 related threats were the single largest type of threat in H1 2020 for global organizations as Trend Micro alone blocked 8.8 million coronavirus related threats, nearly 92% of which were spam delivered via emails.

“Business leaders and IT teams across the UAE are facing nightmare scenarios of cyber-attacks being delivered via email,” said Hani Abdul Qader, Senior Sales Engineer, Trend Micro. “Cyber-attacks can include scammers posing as helpdesks as well as malware embedded in pandemic-related official-looking documents that employees are likely to accidentally open.”

Business Email Compromise (BEC) detections increased by 18% from the H2 2019. 

Read: Remote work cyber protection lacking: GCC region under attack

COVID-10Pandemic response trends and lessons

A new Incident Response (IR) threat report by Secureworks reveals that cybercriminals are targeting vulnerabilities created by the pandemic-driven worldwide transition to remote work.  

Threat actors, including nation-states and financially-motivated cybercriminals, are exploiting these vulnerabilities with malware, phishing, and other social engineering tactics. 

1 in 4 attacks are now ransomware related, up from 1 in 10 in 2018 and new COVID-19 phishing attacks include government stimulus check fraud.

Healthcare, pharmaceutical, and government organizations as well as data related to vaccines and pandemic responses are attack targets.

Barry Hensley, Chief Threat Intelligence Officer, Secureworks, said:

“Security teams face growing challenges including increasingly dispersed workforces, issues arising from the rapid implementation of remote working with insufficient consideration to security implications, and the inevitable reduced focus on security from businesses adjusting to a changing world.”

Cybersecurity initiatives

Tenable®, Inc., the cyber exposure company, announced new Tenable Lumin™ innovations that help align business objectives with cybersecurity initiatives that enable organizations to predict which vulnerabilities pose the greatest business risks and act to effectively reduce them. 

The modern attack surface has expanded with new assets, from cloud to IoT to operational technology.  

Lumin’s Remediation Maturity helps security teams measure their speed and efficiency against vulnerabilities is now available. 

Lumin’s Mitigations, which evaluate the security team’s response to critical risks when timely remediation isn’t possible, will be available in Q4 2020. 

Also in Q4 2020, Tenable Lumin’s Predictive Scoring will deliver more accurate and comprehensive insight into an organization’s overall cyber exposure of assets. 

“Tenable’s predictive technologies are powered by Exposure.ai, which continuously analyzes 20 trillion aspects of threat, vulnerability, and asset information with machine learning algorithms to predict critical exposure points before they can be leveraged in an attack,” said Renaud Deraison, co-founder and chief technology officer, Tenable. 

Read: Protecting Mac OS against cyber attacks in the GCC and beyond

Fraud detection

F5 has introduced Shape AI Fraud Engine (SAFE), a new fully managed SaaS solution that eliminates fraudulent online transactions that get past existing fraud tools. SAFE utilizes a battle-tested AI engine to evaluate each online transaction across a variety of telemetry, environmental, and behavioral signals to accurately understand user intent and block human fraudsters before the fraud occurs.

Juniper Research estimates that online fraud losses are projected to exceed $48 billion per year by 2023.

“We’re seeing fraudsters launch increasingly sophisticated attacks that take advantage of COVID-driven shifts and overall economic distress,” said Sumit Agarwal, Vice President, Analytic Products at F5, and co-founder of Shape.

Application owners face two core sources of online fraud against their applications: bots and other forms of malicious or abusive automation, and real humans with bad intent. Through machine learning, Shape distinguishes automated traffic (bots) from humans as well as malicious traffic from benign and provides dynamic defenses to prevent fraud and abuse.  

Monitoring account takeovers

The ultimate prize for cybercriminals is to obtain access to other people’s money. Greg Hancell, Manager of Global Fraud Consulting at OneSpan, explains how banks can apply continuous monitoring and machine learning to defend against account takeover attacks.  

Account takeover fraud (ATO) is one of the top threats to financial institutions and their customers. In an industry survey by the Aite Group, 89% of financial institution executives pointed to account takeover fraud as the most common cause of losses. The 2020 Identity Fraud report by Javelin Strategy & Research found account takeovers trending at the highest loss rate to date, up a staggering 72% in 2019 to over $5 bn. As fraudsters get more aggressive, they continue to leverage phishing, spear-phishing, and identity theft to perpetrate further new account fraud. 

1.5 million victims of existing account fraud had an intermediary account opened in their name, a 200% increase on the previous year.

In 2018, roughly 3.2 billion personal data records were compromised. 

An effective way to recognize and defend against account takeover attacks is to implement continuous monitoring on digital platforms, and to keep watch on all the events as they happen, not just the login and the transaction, but also when requesting a balance, creating a new beneficiary, adding a new device or changing an address.