Lara Yousuf, the Partner Manager at Mimecast, speaks about how digital economies can be secured
How has the security threat landscape evolved over the past few months?
The COVID-19 pandemic has impacted the market significantly and both security and compliance capabilities are challenged in the work from home and now hybrid work phenomenon. Cybercriminals have taken advantage of the uncertainty to accelerate their phishing, impersonation, and ransomware attacks on organisations.
According to Mimecast’s report titled “Arabian Peninsula as a Cyber Innovator and Associated Cyber Risk to Resilience in the Region”, researchers observed a month-on-month increase in malicious files detected in the region over the course of 2020. The report highlighted how between March and April – when COVID-19 first began spreading in the region and countries went into lockdown – there was a 93% increase in malicious files detected.
There has been a steady increase in malicious files every month since then. Spam has remained the most prominent vector across all sectors throughout the region and malware-centric campaigns have been observed to continue quarter over quarter. Threat campaigns are becoming increasingly sophisticated and continue to use a diverse range of malware during the different phases of an attack.
Criminals have capitalised on major events to trick people into clicking on links on topics they’re interested in learning more about. The latest is the large-scale rollout of vaccines around the world where people are looking to get vaccinated as quickly as possible and more likely to click on a malicious link on the subject.
What sort of security challenges are people facing when working from home and how is your company equipped to handle those challenges?
COVID-19 has radically changed the way knowledge workers work. The cybersecurity challenges that they face have changed radically as well. Remote work was already becoming common even before the pandemic. What COVID-19 did was accelerate this trend to the point where home and business computing have become thoroughly mingled. This has also exacerbated the risks of a cyberattack. Especially now that the majority of workers in the region are back at work and organisations have adopted a hybrid working model.
This allows cybercriminals to piggyback on workers going to and from the office – going from an unsecured home network to the secure office network. Social distancing has resulted in a significant increase in the digital transfer of content and increased usage of collaboration tools and email posing a cyber risk for employees.
People simply are not as vigilant about cybersecurity when they aren’t in the office, as was evidenced by Mimecast’s ‘The Year of Social Distancing’ report, which found a 3X increase in unsafe clicks (clicks on malicious URLs in emails) employees worldwide during the time when social distancing and lockdowns were going into effect.
Mimecast’s research on Company-issued Devices revealed that since the start of the pandemic, 61 % of the respondents in the UAE admitted to opening emails they thought looked suspicious while 50% did not report suspicious emails to their IT or security teams. This is compared with the global average of 45% for both opening and non-reporting of emails. Because attack methods are quickly evolving and growing more sophisticated, targeted, and dangerous, traditional security approaches are no longer effective.
How has ransomware evolved during the pandemic period and what are you doing to tackle the problem?
Ransomware attacks are becoming more and more sophisticated. According to Mimecast’s latest “The State of Email Security” report, respondents in the UAE identified ransomware as the chief culprit behind disruptions, with 78% in the UAE indicating they had been impacted by ransomware in 2020. The report also revealed that companies impacted by ransomware lost an average of six working days to system downtime, with 29% of the companies in the UAE saying downtime lasted one week or more.
Ransomware continues to thrive and unfortunately, most companies are choosing to pay ransom, making them an attractive target for subsequent attacks. As an all-in-one service, Mimecast provides protection against a broad range of cyber threats delivered via email, including ransomware.
Mimecast tackles ransomware with a layered cyber resilience solution; bringing together data protection, business continuity, archiving, and recovery capabilities for email from a single cloud solution. This means that not only does it protect organisations from ransomware but in the event that a new and evolved threat manages to breach an organisation’s defences, they are able to recover their data and continue operating their email as usual.
What are the cybersecurity trends for 2021?
In the first few months, we have already seen an increase in ransomware. Mimecast’s “The year of Social distancing” report revealed a 48% increase in threat volume in March 2020 – February 2021 over the previous year. Mass uncertainty due to the pandemic has created plenty of opportunities for threat actors to engineer attacks, for example capitalising on vaccine rollout campaigns.
Even though most organisations in the Middle East are back at work, hybrid working models have become the norm and we expect to continue to see dispersed workforces in 2021. Constant vigilance around employee risk and awareness training is therefore critical.
Productivity and collaboration tools will also continue to be in high demand and organisations will need to ensure they have the right cyber resilience tools in place to protect these channels of communication. Dispersed workforces have also highlighted the importance of cloud security and data stored centrally in the cloud.