Enabling secure but accelerated digital transformations
Last year all attacks that were a combination of web application and application specific attacks, increased by 32-percent from the year before. This is according to NTT Global Threat Intelligence Report (GTIR) that also revealed several other interesting findings.
But, as the whole world currently deals with a pandemic that has accelerated the use of technologies, there is reason to believe cybersecurity reports like GTIR’s will reveal even grimmer statistics, unless something is done.
In the foreword of the GTIR, Global Head of Threat Intelligence, Mark Thomas stated, “Every organisation should go the extra mile to protect their customers, partners and employees during these unprecedented and uncertain times.”
Uncertain times, indeed
When the coronavirus outbreak happened in early 2020, and governments implemented shelter-in-place orders, two key things happened: office workers started working from home, and their home networks were expected to do the work of corporate networks.
This was ripe opportunity also for attackers to spoof DNS, or hijack router DNS settings due to weak default admin passwords.
To exacerbate the risks that work-from-home employees now faced without the protection of corporate firewalls and solutions, were cybercriminals looking to exploit the populations’ paranoia and demand for as much information as possible about COVID-19.
According to NTT Ltd’s 2020 Global Threat Intelligence Report (GTIR), websites posing as ‘official’ sources of COVID-19 information, but host exploit kits and/or malware instead – were created at an incredible rate, sometimes exceeding 2000 new sites per day. This implies that AI and/or automation was used in creating credible-looking websites in pretty huge volumes.
Phishing attacks that take advantage of COVID-19 paranoia, have started since mid-January 2020.
Unfortunately, the coronavirus pandemic does not pose only a health risk and economic risk; there are very blatant cybersecurity risks, as well as indirect risks from the (unintended) acceleration of digital transformation.
Digital transformations during a pandemic
Businesses in different sectors are impacted by social distancing and the work-from-home mandate in different ways. And businesses that can pivot, have done so with technology so as to remain relevant during this unprecedented times.
If digital transformation can be defined as the use of technology to change business models or create new business models, then there was plenty of DX activity that happened in the last 4 months.
And where there is digital transformation, connectivity is likely not far away.
Everything from video communication platforms in offices and homes, to mobile devices at retail shops, and IoT sensors in factories, require connectivity.
The unintended consequence of an accelerated digital transformation during the pandemic means an accelerated increase in attack surfaces for cyber-adversaries to pound against.
NTT Ltd.’s GTIR also revealed that sectors like technology, finance, manufacturing and government, in APAC countries were especially targeted by attackers.
Despite this, the GTIR reported the APAC region when compared to the Americas, Europe, and MEA, as having the highest cybersecurity advisory scoring for technology, and manufacturing.
This means technology organisations in APAC lead all other regions with an average maturity score of 2.02. The same goes for manufacturing in APAC with a 1.86 average maturity score, as well as the highest regional score for risk management.
By no means does this mean these sectors can rest on their laurels. If anything, the GTIR this year, underscores that businesses have to be ready for anything, that security organistions need to champion both cyber-resiliency and security-by-design postures.
The ongoing challenges — amplified now
One of the spotlights in the GTIR is on how organisations are relying more on their web presence, for example customer portals and supported web applications.
Case in point, is the healthcare industry which has had to embrace digital transformation to deliver patient services in a timely manner. Attacks against the World Health Organization (WHO) has more than doubled since the pandemic began, and researchers have even discovered a data dump of 25,000 email credentials allegedly belonging to the WHO, National Institutes of Health and other organisations.
It is worth noting here that NTT Ltd has been offering security incident response services at no charge to hospitals handling COVID-19 patients. This service has been extended till early August and to more countries – including Malaysia – than they initially announced.
For workers from home, virtual communication and virtual collaboration solutions have had to try close the distance between colleagues, teams and management. There is also accelerated usage of collaboration and productivity hubs like Microsoft Teams and DingTalk, as these solutions offer convenient work processes that are digitised and more importantly, paperless and contactless.
These two examples highlight how much of an opportunity there is for cyberattacks as more people are spending more time online and on unprotected networks.
This exacerbates a key challenge cybersecurity decision makers have with visibility of their entire IT infrastructure and data footprint. Also, how do they meet demands of their business users working outside of corporate firewalls, while ensuring compliance to governance and risk management?
The GTIR report aptly pointed out, “Cyberattacks can take weeks, if not years to recover from, which is a key reason why organisations must have the ability to anticipate and prevent disruptions. Successful organisations account for all aspects of business operations, technology, people and controls to actively manage disruptive events – before the event impacts regular operations.”
It also proposed to do so via measures like governance, risk and compliance (GRC), as well as regular penetration testing.
NTT Ltd.’s Global Threat Intelligence Report data is derived from worldwide log events from its Global Threat Intelligence Platform that identify attacks based on types or quantities of events from 10 SOCs and seven research and development centres of NTT Ltd.
The Cybersecurity Advisory data, informed the regional maturity assessment of multiple industries, as reported in the GTIR. The data is used to benchmark their clients against their industry peers on a regional and global level.
An effective cybersecurity is a carefully orchestrated exercise that leverages best-of-breed solutions. As an established system security provider, NTT Ltd. knows this well and works with the security vendor best suited for the task at hand.
The size and diversity of its over 4000 security clients across six continents, puts NTT Ltd. in the ideal position to serve global hyperscale entities and enterprises seeking a one-stop solution that is integrated but comprehensive.