Mujtaba Mir, the Senior Sales Engineer for META at Barracuda Networks, speaks about the security challenges companies face in the region
How has the security threat landscape evolved over the past few months?
Barracuda has noticed two major threat trends in recent months. First, phishing continues to be a preferred attack vector with cybercriminals taking advantage of the ongoing pandemic to increase their success rates. Our researchers found that hackers are increasingly using vaccine-related emails in their targeted spear-phishing attacks. After pharmaceutical companies like Pfizer and Moderna announced the availability of vaccines in November 2020, the number of vaccine-related spear-phishing attacks increased by 12%. By the end of January, the average number of vaccine-related spear-phishing attacks was up 26% since October.
Simultaneously, we have seen scammers increasingly turn to bots and automation to make their attacks more efficient and effective and help them avoid detection. A recent analysis of data on web application attacks blocked by Barracuda systems found a massive number of automated attacks, of which the top five attacks – fuzzing attacks, injection attacks, fake bots, App DDoS, and blocked bots – were dominated by attacks performed using automated tools.
What sort of security challenges are people facing when working from home and how is your company equipped to handle those challenges?
The home environment is where many people work now, so it’s really important to understand the potential risks involved. The remote workforce brings with it several cybersecurity implications including insecure devices, unpatched systems, insecure network access, an increased risk of phishing and fraud.
We have already seen the spread of concepts like Zero Trust and micro-segmentation as ways to decrease attack surfaces. These solutions will be part of a broader approach that will create trust-based solutions that will leverage social graphs and machine learning to identify issues and enforce trust relationships.
How has ransomware evolved during the pandemic period and what are you doing to tackle the problem?
Attackers have created many different variations of ransomware over the past few years, such as CryptoLocker, CryptoWall, TorrentLocker, TeslaCrypt, Locky, Petya, WannaCry, Bad Rabbit, and Samas. Each of these variations uses new methods of infecting their victims’ computers, thereby compromising the data and network of many organizations worldwide. Luckily, there are numerous precautions that can be implemented to prevent and recover from a ransomware attack.
A proper ransomware prevention strategy can be summed up into three categories: education, security, and backup. Of these, having a sound backup and recovery plan is usually one of the most overlooked measures in the fight against ransomware, but it is the most crucial. Successful backups with an effective retention policy enables organizations to recover from ransomware attacks without having to pay any ransom to the attackers, or losing the data altogether. A notable trend with ransomware attacks is that these are now extending to include extortion. To counter this, encryption is going to make a huge comeback this year because of data privacy.
What are the cybersecurity trends for 2021?
Human mistakes will continue to introduce cybersecurity threats: Through 2021, we can expect to see many more cases of misconfiguration, especially in the public cloud, where investments will grow the global market by a predicted 35%. The sheer complexity of multiple hybrid cloud environments running side-by-side will outpace the in-house skills needed to adequately secure and manage them. Organisations will need smarter tools to automatically scan cloud environments for such mistakes and seamlessly remediate any instances of policy non-compliance.
APIs represent a new attack vector: The digital-first businesses of 2021 have increasingly come to rely on APIs to connect to third-party services and enhance application-centric customer experiences. The challenge is that this further increases the corporate attack surface and provides cyber-criminals with a potentially useful vector to access customer data and back-end services. As APIs are intrinsically insecure, organisations will need to do a better job of layering up security via next-gen web app firewalls (WAFs).
Cloud apps will be the target of attack: Adoption of SaaS collaboration tools rocketed in 2020, while many organisations—from restaurants to banks—also developed their own apps to reach customers more effectively. The problem is that many apps are being delivered with coding errors that could leave organisations exposed to simple but devastating attacks, like cross-site scripting and SQL injection. IT security teams must therefore continuously scan their systems for vulnerabilities and act quickly to patch where a fix is available. More holistically, they should also look to WAFs to protect their applications.