Home Agenda Put cybersecurity at the top of the 2022 agenda – News

Put cybersecurity at the top of the 2022 agenda – News

0


Most organizations face imbalances between people, technology, and processes, leaving vulnerabilities that attackers ruthlessly exploit

Dubai – The world has witnessed several high-profile ransomware attacks in 2021, which have had devastating economic ramifications for those targeted



Posted: Sun 26 Dec 2021, 16:32

Cyber ​​attacks such as ransomware are here to stay, and when they hit an organization, there’s not much anyone can do about it, experts say.

Therefore, organizations must be prepared to stay one step ahead of malicious actors by understanding the specific threats that affect them and strengthening their security posture to be more proactive in hunting down threats.

Ashraf Koheil, Business Development Director for Middle East and Africa at Group-IB, explained that the current cyber threat landscape is extremely diverse for large enterprises, as well as at the user level.

“The Covid-19 pandemic has favored both petty con artists and sophisticated threat actors pursuing large-scale, high-value targets,” he told the Khaleej Times. “The GCC region is home to some of the largest shopping centers in the world and is experiencing rapid digital evolution. The UAE is leading in many areas of technology and innovation; and cybercriminals haven’t fallen behind – bad actors are constantly reinventing their tactics.

He noted that regional organizations have suffered a “scam”, which poses a significant threat to both organizations, whose brand is exploited by crooks, and end users who easily fall into the trap of fraudulent campaigns misusing their brands. favorite.

Scams and phishing, he explained, continue to thrive thanks to the increase in time spent online due to the pandemic.

“They are growing in scale and sophistication,” Koheil said. “In December, Group-IB’s digital risk protection unit observed a global scam campaign targeting users in more than 90 countries, including the United Arab Emirates, in which crooks used targeted links containing branded fake surveys tailored to each victim. Such links are unique and will only work once and only for a specific use, making the scam extremely difficult to detect and investigate.

Ransomware on the rise

Rahil Ghaffar, regional director of MEA at Virsec, noted that ransomware was a persistent threat to large enterprises, government entities and BFSI, and caused considerable damage to the reputations of these organizations. The scale and sophistication of such attacks differ depending on the target, he explained. In addition to ransomware, there has also been a rapid increase in targeted attacks against users. This includes phishing attacks and stalkerware, which creep into people’s personal space, often with devastating consequences.

“It is essential that users and businesses can identify and stop any potential compromise immediately before any damage is done,” he said. “Ransomware attacks are on the rise in the United Arab Emirates. In fact, we were approached by a few government and financial institutions, which were constantly under attack with ransomware despite multiple layers of security from major vendors. We’ve helped these organizations secure their server infrastructure against zero-day fileless and remote code execution attacks with our unique, patented runtime protection technology.

Stalkerware enters the scene

Hadi Hosn, CEO of Axon Technologies, noted that the incredible advancements seen over the years in technology, especially in this region, have connected us more than ever, driving innovation, opportunity and progress.

“The pandemic has accelerated this trend as well, but we are probably still in the early stages of a long-term digitization shift,” he said. “The change is changing the way we live, work and communicate, and it is transforming the critical systems we rely on in areas such as government services, finance, healthcare and transportation. The scale and speed of this change introduces complexity and risk to our businesses and everyday users. In the last year alone, cyber attacks have been launched against hospitals and pipelines, schools and businesses of all sizes. “

He added that 2021 was the “breaking year” for ransomware and stalkerware. “Although ransomware is not new, it has gained the attention of the highest levels of government this year because it has affected people’s ability to get healthcare, put gas in their vehicles and to do the grocery shopping. When it comes to stalkerware, we’ve seen the Covid-19 pandemic cause an increase in the use of stalkerware – which is originally marketed as employee or child monitoring services and for “good” purposes. And ‘ethical’ – but, as it is so often hidden, stealthy, and does not require ongoing consent, can be used to abuse other people or violate their privacy, such as remotely monitoring and eavesdropping on phone calls, SMS messaging, Voice over Internet Protocol (VoIP) applications, GPS / location data, messaging and social media applications; and to steal images and videos from an infected device. It often happens that the stalkerware is installed through physical access to a handset and is most common on Android mobile devices.

Human error management

Likewise, Werno Gevers, cybersecurity specialist at Mimecast, said the pandemic has functioned as a “force multiplier” for existing threats in the UAE, spawning new ones. Regardless of industry or industry location, remote work scenarios with employees switching to their personal devices and not following established best practices, have created new cyber threats. With the evolution towards remote or hybrid working models, and with global supply chains in a state of chaos, most organizations face imbalances between people, technology and processes, leaving vulnerabilities that attackers ruthlessly exploit.

“To protect themselves, their employees and their customers, organizations need a multi-layered security strategy that protects against attacks inside, inside and outside the organization’s perimeter. , and helps restore critical systems and data quickly in the event of a successful breach, ”he said. . “More than deploying secure gateways, businesses need to understand that they need to manage human error to mitigate the impact of internal email threats that could disrupt their business. Another key factor that organizations should consider is a strong security awareness training program. With today’s distributed workforce and an abundance of scams circulating, the cost of human error increases. Organizations must therefore take adequate steps to prepare to detect these threats. “

[email protected]