Skip to main content

Why a multi-layer approach to security is need of the hour as Covid-19 spreads

Every home device or a wireless connection is a potential entry for hackers and phishers as work-from-home policy creates a very opportunistic situation for the bad guys.

Social distancing and the lockdown due to coronavirus have made online life more important than ever but the domino-effect has led to security vulnerabilities for people, processes and technologies.  

Bad guys are aware that people working from home do not have the same security as they would have in their corporate environment.

“We have seen a lot of companies adopt work-from-home strategy due to the pandemic and a big jump in using this model. Many wanted to have a gradual move for the past many years as part of the digital transformation journey, but Covid-19 has accelerated the work-from-home strategy rapidly,” Dr. Moataz Binali, Vice-President at Trend Micro Middle East and North Africa, told TechRadar Pro Middle East.

So, he said that non-believers and sceptic who have been shying away from are being pushed into it.

“The move to work-from-home strategy and the cloud also brings in a lot of different trends. Companies are trying to adopt digital transformation on the cloud and others are adopting a remote working model while others are adopting a different shift in different models,” he said.

Binali said that a person who is using a corporate laptop has some sort of endpoint security protection but a lot of employees are not using their corporate laptops and by using their personal laptops, they don’t have the endpoint security software.

The pandemic has led to the creation of more than several hundreds of new Covid-19 web domains.

“We have seen a lot of different types of attacks because of a lack of endpoint software and next-gen network firewall protection at homes. Hackers are using Corona as the main campaign in trying to phish different users and try to ambush them to reveal personal information or about the company.

“We have seen malicious attacks come from different sites that disguise themselves as official Corona-related sites. These sites try newer ways to infect digital assets of an organisation,” he said.

In the first quarter of this year alone, Trend Micro globally found over 907,000 spam messages and 48,000 hits to malicious URLs – both related to Covid-19. To combat these kinds of attacks using the security provider has various multi-layered security offerings, from the cloud to the endpoint.

In the Gulf Cooperation Council (GCC) countries, 3,067 emails, URL and file threats related to the Covid-19 have been recorded in the first three months of the year.

Moreover, the GCC recorded 1,737 email spam attacks, the third-highest in Asia; 1,114 malware threats detected, the third-highest in Asia; and 216 URL attacks, the seventh-highest in Asia.

The UAE led the region with 1,541 Covid-19 attacks, including 775 malware threats, 621 email spam attacks and 145 URL attacks detected. 

The Kingdom of Saudi Arabia recorded 344 attacks, including 268 email spam attacks, 59 malware threats detected, and 17 URL attacks.

In threats related to Covid-19, Binali said that URL attacks increased 260 times and email spam attacks increased 220 times from February 2020-March 2020. The United States leads in all Covid-19 attacks.

 “We have also seen an increase in ransomware attacks due to Corona and it is a global concern and it is used left, right and centre. Hackers disguise themselves as World Health Organisation, famous hospitals and clinical centres to lure information by making them download certain payloads,” Binali said.

IT teams find it difficult to protect digital assets

Even though hacking is a global issue, Binali said that they have seen the US and Europe impacted the most but “we have seen attacks on the Middle East also but not to the same degree as in the West. In the Middle East, it is less because people gravitate more towards information from the Ministry of Health rather than WHO or other sources.”

Most of the attacks due to Covid in the region are in the UAE, followed by Saudi Arabia; he said and added that due to the rapid upsurge in remote working, it has become difficult for IT teams to protect digital assets and processes.

“For an organisation to deal with all the challenges, cybersecurity talent, tools and manual processes and to make security improvements ultimately relies on the shoulders of the IT cell. A multi-layered approach is the need of the hour for remote working - an endpoint security solution for the laptop, a next-gen firewall for the network, e-mail protection software for e-mails and cloud protection software for cloud computing,” he said.

As the access into the corporate network is coming from outside, he said that companies need to strengthen their internal security and diversify the multi-layer around it as well.

He added that Trend Micro has a packaged solution catered for all these issues under one umbrella.

Moreover, he said that there is also a website from Trend Micro - https://global.sitesafety.trendmicro.com/ - that users can use to check the reputation of a website and if there is any malware.

“Having a good anti-virus software can detect and block a malicious site and we use a reputation engine for that. We put all the smart global protection networks we acquire from different websites into our reputation engine so that the anti-virus software can detect whether it is malicious or not before the user clicks,” he said.

Binali claims that it can block 100% but if a new website is created, it cannot detect and it will take time before it comes to our notice or before victims fall prey.

He said that Trend Micro does not rely on one method to block attacks as we have sandboxing, machine learning and signature-based analysis, and all of these are included in the XGen, the engine for blocking malware and protecting users.

“It has got a multi-layered approach to block and not to cause harm to the users. We are unique in that way as we have the multi-layered approach into a single-engine,” he said.

Even though VPNs is the most secured way to work remotely, he said that it is not a must to work remotely.

“In VPN, all the communication is encrypted. So, when working from outside the corporate network, it is a must to have a VPN and an additional layer of protection, the same way corporate firewalls do in the office. Always trust a VPN from a well-known vendor that provides these services,” he said.

Key malicious Covid-19 sites

  • acccorona[.]com
  • alphacoronavirusvaccine[.]com
  • anticoronaproducts[.]com
  • beatingcorona[.]com
  • beatingcoronavirus[.]com
  • bestcorona[.]com
  • betacoronavirusvaccine[.]com
  • buycoronavirusfacemasks[.]com
  • byebyecoronavirus[.]com
  • cdc-coronavirus[.]com
  • combatcorona[.]com
  • contra-coronavirus[.]com
  • corona-armored[.]com
  • corona-crisis[.]com
  • corona-emergency[.]com
  • corona-explained[.]com
  • corona-iran[.]com
  • corona-ratgeber[.]com
  • coronadatabase[.]com
  • coronadeathpool[.]com
  • coronadetect[.]com
  • coronadetection[.]com


from TechRadar - All the latest technology news https://ift.tt/2VVZBle
Labels:

Comments

Post a Comment

Popular posts from this blog

The future of Magic Leap's promising AR efforts dim after layoffs

The Magic Leap Two is now further away than ever, unfortunately. Today in a blog post the augmented reality pioneer announced major layoffs and has decided to cut up to half of its workforce, according to some reports. The original Magic Leap One was supposed to be one of the first mainstream augmented reality headsets when it launched in 2018, but a high price point and lack of interest from developers left the headset high and dry after launch. According to the blog post, Magic Leap says it will be focusing its efforts on enterprise solutions (a statement HTC has made recently as well) and shift its focus away from consumer technology… at least for the time being.  The company has been open about creating a second headset that would offer improved specs for some time, but how that work will now have to go forward without half of the team , according to some estimates, remains to be seen. Is the window closing on augmented reality?  Although it’s just one company, Magic...
Post a Comment
Read more

Airship acquires SMS commerce company ReplyBuy

Airship is announcing that it has acquired mobile commerce startup ReplyBuy . The startup (which was a finalist at TechCrunch’s 1st and Future competition in 2016) works with customers like entertainment venues and professional and college sports teams to send messages and sell tickets to fans via SMS. It raised $4 million in funding from Sand Hill Angels, Kosinski Ventures, SEAG Ventures, Enspire Capital, MRTNZ Ventures and others, according to Crunchbase . Airship, meanwhile, has been expanding its platform beyond push notifications to cover customer communication across SMS, email, mobile wallets and more. But CEO Brett Caine said this is the first time the company is moving into commerce. While sports and concerts tickets might not be a booming market right now, Caine suggested that the company is actually seeing increased purchasing activity “in and around the Airship platform” as businesses try to drive more in-app purchases. He also suggested that both the COVID-19 pandem...
Post a Comment
Read more