Trend Micro’s MENA VP highlights the importance of taking a multi-layered approach to security amidst the Covid-19 pandemic, as hackers exploit new ways to lure organisations and attack their digital estates.
It is hard to recall another circumstance in living memory equal to that of the worldwide Covid-19 pandemic we all now face.
Indeed, it has proved to be mankind’s great equaliser, compelling governments everywhere to similar actions.
The more forward-thinking nations, such as some here in the Middle East and North Africa, have encouraged social distancing, lockdowns and other protective measures to safeguard the public good and give medical researchers the time and space they need to develop countermeasures and cures.
Thanks to world-leading telecoms infrastructures, it has taken just a few weeks for many of us to settle into very different routines. Remote working (and distance learning for students) is the new norm.
The outbreak has led to an undeniable evolution of workplace dynamics. Collaboration tools and other communication platforms have enabled virtual gatherings and business continuity and, so far, the increased throughput has been handled admirably by regional service providers.
But as we work from home in ever-increasing numbers, we must also address the issue of safety for our workforce, infrastructure and data. Each time we authenticate ourselves remotely to our corporate networks and cloud environments, we open the door to bad actors seeking to exploit a global tragedy for their own ignoble ends.
The attackers at our digital door
At Trend Micro, we have seen this up close. We have seen attackers directly leverage the COVID-19 pandemic to lure organisations and individual users into unsafe actions. In the first quarter of this year alone, across the MENA region, we detected and blocked 8,434 threats, which were a combination of infected emails, URL attacks, and malware. As we work from home, we can also unwittingly wave flags at attackers; and they will never miss a chance to respond.
We already know that the propagators of threats are among the most adaptable and opportunistic our species has to offer. And C-suite managers and IT decision-makers will need to take all possible steps to ensure our evolved architectures are not full of holes. This will call for some bold steps and require mindsets that are as adventurous and innovative as those of the digital miscreants that are out to cause our organisations harm.
Threats today come in many forms, and different regions have their own rogues’ galleries of the worst offenders.
As part of our 2020 predictions, Trend Micro posited that home offices and other remote-working spaces would redefine supply-chain attacks – campaigns where low-value targets are compromised to get access to higher- and higher-value victims. Now that those initial targets are employees in their own homes – on what, in many cases, may be a private, relatively unprotected device – it behooves all those in a cybersecurity role to consider how they are going to protect a significantly more vulnerable ecosystem.
Protections and countermeasures
How do we stop cybercriminals amassing troves of personal information that can be used in such attacks? How do we stymie cleverly designed enterprise attacks that use home and public networks by impersonating employees? If we do not, our employees’ homes will, in complete innocence, become the springboards for supply-chain attacks.
In addition, Trend Micro’s Security 2019 Round-up report revealed that in the GCC, malware attacks were one of the biggest cyberthreats, with around 5.5 million incidents recorded across the region that year. This made it the fifth most-hit region by malware in Asia, and 14th in the world.
Saudi Arabia alone endured approximately 2.4 million attacks and the UAE 2 million. The Gulf also provided the stage for more than 9,000 banking malware attacks in 2019, coming in eighth in Asia and ninth in the world for such attacks.
So stay-at-home workers are more vulnerable because of supply-chain attacks and the GCC region is a historic hunting ground for bad actors. This leads us to the inevitable conclusion that stay-at-home GCC workers need to be given robust protections as we work through the challenges ahead. We must be vigilant and rethink our threat postures.
New times, new tools
Trend Micro has long taken an extended detection and response approach, known as XDR. By expanding the detection-and-response function to cover emails, networks, endpoints, servers, and cloud workloads, we can put advanced artificial intelligence to work in trawling that entire ecosystem looking for data points that correlate to those within Trend Micro’s global threat-intelligence data-pool. Such an approach delivers higher-fidelity alerts with fewer false positives, leading to better, earlier detection.
By combining applications, workloads and infrastructure, we are empowered with broader perspectives on our environments – across premises boundaries, through the data center, into the home and back again – for a 360-degree view of the new remote-working enterprise that is rich with context. From here, we can identify threats more easily and contain them more effectively.
With Trend Micro’s XDR platform, security professionals are presented with a single dashboard that allows easy, one-click drilldown into the most relevant events, with graphically clear representations of attack timelines and all related events.
With such visibility, they can get to the crux of an issue quickly, with minimal manual effort, determining its root cause and its impact on their organisation. Capabilities such as these lead to wiser, more timely actions in real time and adjustments to strategy for the long-term benefit of the entire enterprise.
Keeping safe… and productive
Trend Micro’s XDR solution was recognised as a “leader” in the Forrester Wave: Enterprise Detection and Response, Q1 2020 report, which cited “a forward-thinking approach” and recommended Trend Micro XDR as “an excellent choice for organisations wanting to centralise reporting and detection with XDR”, especially if those organisations have “less capacity for proactively performing threat hunting”.
Just because many of us are sequestered for the foreseeable future does not mean that our productivity needs to cease. Nor do we necessarily need to trade off robust cybersecurity against our physical health. With the right measures in place, we can all keep ourselves safe at home while ensuring our digital estates continue to stay protected with new security innovations.