To say that the last 18 months, have seen enterprises experiencing seismic transformation and disruption in the way they work, is an understatement. Across industries, organisations have had to adapt and embrace changes in how they operate fast, with employees predominantly working remotely and critical data and systems being accessed from outside the workplace.
As a result, large-scale changes in remote access architectures and cloud-delivered services have been required. With the intensive adoption of video applications like Skype and Zoom by newly set-up homeworkers, enterprise WAN and LAN capacity has had to be upgraded as well.
Not surprisingly, cyber attackers were quick to spot an opportunity. 2020 saw record-breaking attacks targeting vulnerabilities brought about by these new business practices, putting security professionals on the defensive. In the Middle East, cyber-attacks increased by 250% in 2020, and phishing and ransomware were named some of the most serious concerns for businesses and governments in the region.
According to a recent survey by PwC, cybersecurity is a growing concern for organisations, with approximately 43% of Middle East CEOs planning to increase investments in cybersecurity and data privacy by 10% or more over the next three years, compared to the global average of 31% Moreover, 41% of these leaders think that their organisation should be doing more to measure cybersecurity. The ever-evolving threat environment has made it increasingly necessary to be vigilant.
Shifting threat tactics
Threat tactics are constantly evolving. Cyber-attackers are preying on the anxieties surrounding the pandemic to exploit new opportunities for perpetrating fraud.
Bad actors have modified several tried-and-tested tactics to the current environment. For instance, lure attacks have taken place on vital COVID-19 services. Cybercriminals used email, SMS, and other messaging applications in the early days of the pandemic to prey on victims’ fears regarding personal protective equipment (PPE) shortages, contact tracing, and, more recently, fraudulent vaccine passport requirements.
Distributed denial-of-service (DDoS) attacks have also been on the rise, as attackers unleashed more than 10 million DDoS attacks in 2020. Moreover, according to research from NETSCOUT’s ATLAS Security Engineering and Response Team (ASERT), threat actors launched approximately 5.4 million DDoS attacks in the first half of 2021. Because of the shift to remote work, attackers increasingly targeted on-premises VPN concentrators, and the shift to remote working means one attack can disrupt an entire organisation. In contrast, before, it might have only disrupted 10-20% of the workforce. The NETSCOUT World Infrastructure Security Report (WISR) report revealed that more than two-thirds of enterprises reported DDoS attacks that targeted customer-facing services and applications, while 75% saw attacks targeting their infrastructure. In both cases, these attacks directly affect the organisation’s ability to service customers, thus impacting revenue and profitability.
Ransomware has emerged as a significant threat in the past few months as well. NETSCOUT’s Threat Intelligence Report published earlier this year showed that about a quarter of enterprises reported a ransomware attack in 2020.In the past few months, the UAE saw a growing wave of ransomware attacks, with surveys reporting that 78% of businesses were impacted by ransomware in 2020. Moreover, according to a recent industry report, the average cost of remediating a ransomware attack in the UAE in 2021 is $517,961.
Vital industries such as e-commerce, streaming services, online learning, and healthcare have all experienced increased attention from malicious actors targeting the very online services essential to remote work and online life.
Enterprise security in the ‘post-COVID world’
There’s a continuing need to combat ransomware attacks.
As ransomware attacks continue to target enterprises, several industry initiatives are underway to combat this scourge. Security vendors, industry associations, enterprises, and governments are increasingly working together to put measures in place to curtail these attacks. One such measure under consideration is extending Know Your Customer (KYC) transparency rules in financial transactions to include cryptocurrency transactions. These forms of payment are the primary choice of ransomware attackers because they are untraceable. Therefore, new KYC rules may act as a powerful impediment against such attacks. Enterprises should strongly support such efforts.
Security must be a part of your corporate culture
Security and business continuity planning should be ingrained in every enterprise’s corporate culture. This planning should include a cyber-attack response plan. Moreover, in addition to creating a rapid response plan, it is advisable to conduct extensive employee training to stand as a line of defense against cyber-attacks. Business leaders must reinforce good cybersecurity practices across all functions of their organisation. Leaders should also set an example by demonstrating a commitment to security that sets a tone for the business.
Overall, although the future is always difficult to predict, one thing is certain: cyber-attacks will not subside. That means enterprises must develop both short- and long-term strategies to counteract these threats. In the short term, security professionals will need to focus on plugging the holes that have emerged since the lockdowns began. Experts recommend implementing cloud security controls in development environments, preventing VPN concentrators from being easily identified by probing attackers and upgrading to a dedicated DDoS protection capability.
In the long term, enterprises need to develop and maintain well-thought-out strategies that prioritize security in this relentless battle against threat actors. When it comes to cyber-attacks, no business sector is off-limits. Cybercriminals target businesses of every size, in every industry whether that’s public or private sector. Comprehensive cyber-attack protection is no longer an option. It’s a necessity.
