If there is a possibility of using multi factor authentication over a password, when it comes to online security, go for the multi factor authentication each and every time, says Paula Januszkiewicz, Microsoft regional director and founder and CEO of CQURE.
Speaking to Khaleej Times in an exclusive interview, she explained that cybercriminals have tailored their approach specifically to target end users in a bid to break into corporate networks. This trend has accelerated in tandem with the growth of the remote workforce during the Covid-19 pandemic.
"There are many cybersecurity challenges that companies are facing right now," she said.
"Basically, we have many more people sitting at home due to the pandemic and hackers that are well aware of this. Identity theft is a very common tactic used by hackers to get into networks. A simple password is not enough to stop these malicious actors anymore."
Asked to elaborate on the type of attacks that have grown in volume and length in recent years, she pointed to an increase in nation state attacks, as well as a growing industry of companies called private sector offensive actors (PSOAs) who are creating and selling cyberweapons that enable their customers to break into people's computers, phones and Internet-connected devices.
"What we are seeing is an intersection between cyberattacks and Covid-19," she said.
A recent study sponsored by HP Inc revealed a 100% rise in 'significant' nation state incidents between 2017 and 2020. An analysis of over 200 cybersecurity incidents associated with nation state activity since 2009 showed that the enterprise is now the most common target. Experts involved in the study said that the pandemic presented a 'significant opportunity' for nation states to acquire Covid-19-related intellectual property (IP) data, such as information on vaccines.
The report paints a grim picture of escalating tensions supported by complex structures that tightly intersect with the underground cyber criminal economy known as the 'Web of Profit'. It was found that nation states are devoting significant time and resources to achieving strategic cyber advantage to advance their national interests, intelligence-gathering capabilities and military strength through espionage, disruption and theft. Attempts to obtain IP data on vaccines and attacks against software supply chains demonstrate the lengths to which nation states are prepared to go to achieve their strategic goals.
Januszkiewicz also highlighted an increase in ransomware, specifically, Human-operated ransomware campaigns. "You have to understand that ransomware isn't anything new, but it is on the rise right now in various sectors."
Human-operated ransomware are hands-on-keyboard attacks, which are different from auto-spreading ransomware, she explained. The hackers involved employ credential theft and lateral movement methods traditionally associated with targeted attacks like those from nation state actors.
They often have extensive knowledge of systems administration and common network security misconfigurations, perform thorough reconnaissance, and adapt to what they discover in a compromised network. These attacks are known to take advantage of network configuration weaknesses and vulnerable services to deploy ransomware payloads, deliver other malicious payloads, steal credentials, and access and exfiltrate data from compromised networks.
Januszkiewicz warned organisations to be aware of "what they are protecting" in order to be aware of what kind of threats they will be facing. "A Zero Trust approach that revolves around cloud based solutions that recognize the threat very quickly and relies on machine learning is what is needed."
She also added that corporations need to have not just the technology, but the proper infrastructure in place to tackle the challenges of an increasingly mobile and remote workforce. "We must ensure that all the solutions that we are using in our corporate environment are cooperating within themselves smoothly. You need a solution that embraces the human error, more than ever, and technology that works with human behaviour to handle security. Also, you should regularly test the environment especially if you have a remote workforce." — Khaleej Times/Tribune News Service