Addressing security gaps in digital transformation journeys

Yuri Zaharin, Exclusive Networks’ Malaysia country manager, talks to EITN about digital transformation journeys and the security gaps to look out for.

EITN: What are the main security vulnerabilities of working from home today?

Yuri: There is an increasing number of threats for companies today, especially those with a distributed workforce that works from home. Personal devices – phones, computers etc – can be vulnerable to cyberattacks and this can have ramifications for organisations.

We are seeing more social engineering threats and spear-phishing attacks affect companies. Employees working from home often go on social media (more so at home with no overwatch, unlike an office environment where visiting social media sites is harder to do in an inconspicuous manner) where they can be targeted by criminals.

Hackers can also use social media to conduct brand imitation, whereby they send QR codes – a popular way for businesses to provide information such as menus, pricing etc – to unsuspecting victims who are then redirected to a fraudulent website.

Instead of using spray-and-bulk phishing attacks, where fraudulent messages are sent en masse, criminals have turned to highly targeted spear-phishing attacks, which use information gleaned from social media to build convincing messages to target victims. They can impersonate individuals that they may know and persuade them to hand over sensitive information such as ID numbers, bank details, home/office addresses, or even financial hardships, health issues, and career ups and downs.

Social media is a place where people often go to destress, take their mind off work, think about something else for a short period of time. However, this can cause people to let their guard down and unwittingly part with information that can then be used against them and their company.

EITN: What can be done to mitigate the risks?

Yuri: The key, as always, is education. Basic cyber hygiene must be taught and instilled on a regular basis to employees and they must stay vigilant. Even innocuous posts on Instagram can provide a wealth of information for hackers, such as data left on a computer screen in the background, the details of clients or the location of their home and/or office.

Employees should be taught to watch what they post and check what information is included in their pictures, especially for any personally identifiable information online such as names, home and email addresses, telephone numbers, date of birth and other information relating to medical status and education, etc.

EITN: With so many new technologies rising up, and especially AI which cybercriminals themselves are using, what are some of the cybersecurity trends you see, moving forward?

Yuri: One trend to watch out for is API hacking. This is where a cybercriminal attempts a hostile usage of an API. APIs are incredibly useful and allow access for a range of third-party solutions; however, they have grown in use as we have digitalised more and more, which has created vulnerabilities.

As most organisations use and rely on APIs, any outage would have an outsized impact. Furthermore, unmanaged or unsecured APIs offer an entry for hackers to inject malicious code which can be used to steal information or worse. We all need to wake up to the fact that APIs have exploded in use over the past few years. We are becoming more and more dependent on them and, as such, this poses a cybersecurity risk.

EITN: What should organisations and businesses prepare and look out for?

Yuri: As IoT devices are becoming much more prevalent in our daily lives, they become potential targets for unwanted intrusion, especially as employees are now working from home. Our domestic appliances, such as smart fridges and air-conditioning units that are connected to the internet can become data collection points for cyber attackers which can be easily exploited.

Additionally, many of these IoT devices have not been designed with security in mind or are not installed with proper security procedures in place. According to a Palo Alto Networks’ report, 98% of all IoT device traffic is unencrypted, exposing personal and confidential data on the network.

Beefing up endpoint protection is crucial in securing organisations’ remote and on-premise workforce. Companies should make sure that their computers’ software as well as anti-malware and anti-virus tools are up to date. Taking this one step further, enterprises with a large, distributed workforce could deploy integrated solutions to securely enable remote work at scale.

EITN: What solutions are there to help these organisations and businesses?

Yuri: The Spectra Alliance – a first-of-its-kind partnership between security companies CrowdStrike, Netskope, Okta and Proofpoint – provides an end-to-end joint solution that protects all web, cloud and on-premises enterprise activities.

It enables companies to adopt a Zero Trust security posture by repelling and remediating internal and external threats, while providing a seamless user experience. The combination is designed to address the security gap that businesses face as they undergo digital transformation when transitioning from on-premise to cloud services.

Also, artificial intelligence and machine learning can be tremendously helpful in improving the ability of organisations to predict and detect threats, and swiftly contain cyber attacks before they become full-blown. This is where Security Orchestration, Automation, and Response (SOAR) tools come in handy as they allow companies to collect threat-related data from a range of sources and automate responses to low-level threats, reducing the need for manpower and focusing attention on high-priority threats.

User Entity Behaviour Analytics (UEBA), a cybersecurity process to detect insider threats, targeted attacks and financial fraud, is one useful way for companies to weed out insider threats.

Instead of tracking devices or security events, UEBA tracks systems’ users and their behaviours, detecting anomalies in human behaviours which indicate potential threats. For example, if a particular user regularly downloads 10 MB of files every day but suddenly downloads gigabytes of files, the system would be able to detect this anomaly and sound alerts immediately. Many quality cybersecurity solutions would have included UEBA within their software.
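
The per-user baseline check described in the UEBA example above can be sketched in a few lines. This is an added example, not part of the interview or any vendor's product; the user names, sample volumes, minimum history and alert threshold are constructed assumptions. It scores each day's download volume against that user's own median, so the same volume can be normal for one user and an alert for another.

```python
from statistics import median

MB = 1024 * 1024
MIN_HISTORY = 7    # days of baseline needed before scoring (assumed value)
THRESHOLD = 6.0    # robust z-score that raises an alert (assumed value)

# Constructed sample: daily download volume in bytes per user, oldest first.
HISTORY = {
    "alice": [v * MB for v in (9, 11, 10, 10, 12, 8, 10, 11)],
    "bob":   [v * MB for v in (200, 900, 150, 1200, 400, 800, 300, 1000)],
    "carol": [v * MB for v in (10, 10)],   # new joiner, too little history
}

def robust_score(history, today):
    """Distance of today's volume above the user's own median, in MAD units."""
    if len(history) < MIN_HISTORY:
        return None                        # not enough baseline to judge
    med = median(history)
    mad = median([abs(x - med) for x in history])
    # Floor the spread at 5% of the median so a perfectly steady user
    # (MAD == 0) neither divides by zero nor alerts on trivial changes.
    spread = max(1.4826 * mad, 0.05 * med, 1.0)
    return (today - med) / spread

def evaluate(user, today):
    """Classify today's download volume as 'learning', 'normal' or 'alert'."""
    score = robust_score(HISTORY.get(user, []), today)
    if score is None:
        return "learning"
    return "alert" if score > THRESHOLD else "normal"

if __name__ == "__main__":
    for user, today in (("alice", 3 * 1024 * MB), ("alice", 13 * MB),
                        ("bob", 1536 * MB), ("carol", 5 * 1024 * MB)):
        print(f"{user:6} {today / MB:8.0f} MB -> {evaluate(user, today)}")
```

The median and median absolute deviation are used instead of mean and standard deviation so that one earlier spike in a user's history does not inflate the baseline and mask the next one.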