Separator

The Growing Cyber-Attacks In The Country

Separator
Hatem Naguib, COO, Barracuda NetworksA skilled, effective communicator and leader, Hatem holds over 25 years of experience working in high-tech companies - building innovative products in enterprise software, cloud services, data center virtualization, software defined networking and cybersecurity.

What Are The Latest IT Trends Jeopardizing The Security Environment Globally And In India?
Social Engineering attacks such as spear phishing has quickly become one of the hottest and most dangerous cyberattacks around the world. The numbers vary based on how costs are counted and crimes are categorized. The numbers are much higher when you consider that Business Email Compromise(BEC), corporate data breach, and other types of crimes that can be related to phishing attacks are categorized separately. Everyone is a target: individuals companies, governments. The attacks work because they are highly personalized and traditional security solutions fail to detect them costing billions in financial reputation and brand damage.

Cybercriminals have shifted their business model instead of casting a wide net and hoping that one in a million email recipients will fall for the scam, they launch targeted attacks against larger organizations to monetize with much greater payoffs. With antivirus solutions stopping spam and viruses, attackers started writing custom zero-day malware that could evade traditional anti viruses. Soon, attackers realized that people are the weakest link in the chain and started launching phishing and ransomware attacks to effectively monetize their efforts.

Social Engineering attacks are the top most threat to cybersecurity.
We are moving into the fine tuning phase of AI & machine learning. How are these technologies going to remodel and improve the cyber security across the globe?
If we take a look at social engineering attacks such as spear phishing and BEC, they re extremely hard to detect. Cybercriminals leverage social engineering to mimic user behaviour to get around known defences and infiltrate organizations. Increasing organizational complexity can lead to significant risk if cybersecurity cannot sufficiently manage the changing environment by properly defending, monitoring and responding to threats. The attacks work because they are highly personalized and traditional security solutions fail to detect them.

To stop impersonation organizations have to understand internal patterns who’s talking to whom, when how frequently is the conversation typically one way or not which email addresses are they using, and others. An AI engine ingests a large number of signals related to the metadata of the message(who's sending to whom)and its content which allows it to determine with a high degree of certainty whether or not the message in question is spear phishing.

Defending against attacks launched using AI models is of course going to require organizations to have access to massive amounts of data to teach the machine and deep learning algorithms employed to create the AI model to recognize cybersecurity attacks.

The AI engine identifies impersonation attempts and stop the attacks in real time it also gives a view into those individuals who are at highest risk of both being impersonated and being targeted. These AI engines not only prevent cyber attacks, but save billions in financial reputation and brand damage.

Cloud computing has always been a duel edged sword. What are some of the latest challenges facing
the architecture of public cloud and how has been the reaction from the security industry?
The public cloud sits at the heart of global digital transformation efforts. It offers huge advantages of on-demand highly scalable compute power to drive IT agility, cost savings and innovation fuelled business growth. It’s no surprise that worldwide spending is set to grow at a CAGR of over 22 percent from 2019-23 to top $500 billion according to IDC. When it comes to cloud computing cybersecurity is always cited as the number one reason why organization don’t make more extensive use of these services. The architecture of a cloud configuration is very different to that of the ones we are used to seeing in the datacentres around the world. One of the major reasons there is some reluctance to embrace cloud services comes down to configuration management.

The challenge now is going to be developing a cloud security framework that works consistently across what has become a defacto hybrid cloud computing environment. Unfortunately today each cloud platforms is managed and secured in isolation from one another which only serves to increase the total cost of IT no matter how much money is saved deploying any one workload in the cloud. Until the day the management of those cloud computing frameworks becomes more unified, cybersecurity professionals are going to need to continue to exercise a lot of patience and forbearance. Therefore the management of the cloud needs to follow suit. Cloud architecture is different. Control management, and data planes have been deliberately separated to enable a performance not possible in an on premise alternative. The separation of planes is an area that organizations need to appreciate regarding security.

As more & more customers leverage public cloud infrastructure & solutions, human error will continue to be the primary source of breaches leading to misconfigurations and overlooked vulnerabilities


How is the future shaping up? What should we expect and what could be the growth trajectories?
Email and internet facing applications will continue to be the top threat vectors as we head into 2020. Unfortunately, many organizations still have inadequate protections in place. Email threats evolve quickly as attackers find new ways to evade traditional email security solutions, so organizations will need to turn to more advanced protection that can keep up with the changing tactics. Web application security is often overlooked because most organizations don’t have the resources or skills needed to manage the solutions properly. In addition many customers presume their hosting service supplies this protection when they may cover some but not all their requirements. A continuing trend toward cloudbased and as-a-service application security solutions will help make this more accessible for a broader number of organizations which will help address this problem in the coming year. Finally, as more & more customers leverage public cloud infrastructure & solutions, human error will continue to be the primary source of breaches leading to misconfigurations and overlooked vulnerabilities.

Going into 2020, CISOs will need to understand the proliferation of privacy and compliance laws that are being proposed and implemented globally. GDPR was just the beginning and executives need to be prepared to adapt as similar regulations are introduced. The implications of these types of rules can be farreaching, and they’re bound to get more complex particularly as organizations try to navigate potential overlap. CISOs also need to continue to make sure they are effective at driving support for key security initiatives with the CEO and board members, capitalizing on the attention raised by increasing security concerns to get the resources they need to address new challenges. It will be increasingly important for security executives to focus on how to integrate security into company culture so everyone in the organization understands the roles they play in keeping the company secure.

Highly targeted attacks, conversation hijacking and deep fakes of people’s voices will proliferate as mechanisms for business email compromise attacks, making these highly targeted threats even more convincing, and ultimately more costly. Recent, Barracuda research showed that BEC makes up only seven percent of spear-phishing attacks, but the price for successful attacks can be steep. According to the FBI, businesses have lost $26 billion in the past four years due to BEC attacks, and with new tactics like this, I expect to see that number grow even faster. It’s also a major election year so we should expect to see nation states using the Russian playbook to influence elections at both a local and national level, and government organizations need to be prepared to defend against these attacks. IoT-based security attacks will gain more prominence as cybercriminals find new ways to exploit IoT security vulnerabilities.

The public sector and education will continue to be key targets of hackers and attackers. Organizations in both of these industries are operating under tight budgets, often with minimal security and IT staff and outdated technology, which leaves them vulnerable to a wide range of attacks, such as ransomware.

I expect to see more consolidation amongst vendors in 2020 as customers look for platforms instead of standalone solutions. Customers will be looking for streamlined experiences that are simple to manage and make their lives easier, and vendors will need to adapt accordingly.