Skip to main content

Why a multi-layer approach to security is need of the hour as Covid-19 spreads

Every home device or a wireless connection is a potential entry for hackers and phishers as work-from-home policy creates a very opportunistic situation for the bad guys.

Social distancing and the lockdown due to coronavirus have made online life more important than ever but the domino-effect has led to security vulnerabilities for people, processes and technologies.  

Bad guys are aware that people working from home do not have the same security as they would have in their corporate environment.

“We have seen a lot of companies adopt work-from-home strategy due to the pandemic and a big jump in using this model. Many wanted to have a gradual move for the past many years as part of the digital transformation journey, but Covid-19 has accelerated the work-from-home strategy rapidly,” Dr. Moataz Binali, Vice-President at Trend Micro Middle East and North Africa, told TechRadar Pro Middle East.

So, he said that non-believers and sceptic who have been shying away from are being pushed into it.

“The move to work-from-home strategy and the cloud also brings in a lot of different trends. Companies are trying to adopt digital transformation on the cloud and others are adopting a remote working model while others are adopting a different shift in different models,” he said.

Binali said that a person who is using a corporate laptop has some sort of endpoint security protection but a lot of employees are not using their corporate laptops and by using their personal laptops, they don’t have the endpoint security software.

The pandemic has led to the creation of more than several hundreds of new Covid-19 web domains.

“We have seen a lot of different types of attacks because of a lack of endpoint software and next-gen network firewall protection at homes. Hackers are using Corona as the main campaign in trying to phish different users and try to ambush them to reveal personal information or about the company.

“We have seen malicious attacks come from different sites that disguise themselves as official Corona-related sites. These sites try newer ways to infect digital assets of an organisation,” he said.

In the first quarter of this year alone, Trend Micro globally found over 907,000 spam messages and 48,000 hits to malicious URLs – both related to Covid-19. To combat these kinds of attacks using the security provider has various multi-layered security offerings, from the cloud to the endpoint.

In the Gulf Cooperation Council (GCC) countries, 3,067 emails, URL and file threats related to the Covid-19 have been recorded in the first three months of the year.

Moreover, the GCC recorded 1,737 email spam attacks, the third-highest in Asia; 1,114 malware threats detected, the third-highest in Asia; and 216 URL attacks, the seventh-highest in Asia.

The UAE led the region with 1,541 Covid-19 attacks, including 775 malware threats, 621 email spam attacks and 145 URL attacks detected. 

The Kingdom of Saudi Arabia recorded 344 attacks, including 268 email spam attacks, 59 malware threats detected, and 17 URL attacks.

In threats related to Covid-19, Binali said that URL attacks increased 260 times and email spam attacks increased 220 times from February 2020-March 2020. The United States leads in all Covid-19 attacks.

 “We have also seen an increase in ransomware attacks due to Corona and it is a global concern and it is used left, right and centre. Hackers disguise themselves as World Health Organisation, famous hospitals and clinical centres to lure information by making them download certain payloads,” Binali said.

IT teams find it difficult to protect digital assets

Even though hacking is a global issue, Binali said that they have seen the US and Europe impacted the most but “we have seen attacks on the Middle East also but not to the same degree as in the West. In the Middle East, it is less because people gravitate more towards information from the Ministry of Health rather than WHO or other sources.”

Most of the attacks due to Covid in the region are in the UAE, followed by Saudi Arabia; he said and added that due to the rapid upsurge in remote working, it has become difficult for IT teams to protect digital assets and processes.

“For an organisation to deal with all the challenges, cybersecurity talent, tools and manual processes and to make security improvements ultimately relies on the shoulders of the IT cell. A multi-layered approach is the need of the hour for remote working - an endpoint security solution for the laptop, a next-gen firewall for the network, e-mail protection software for e-mails and cloud protection software for cloud computing,” he said.

As the access into the corporate network is coming from outside, he said that companies need to strengthen their internal security and diversify the multi-layer around it as well.

He added that Trend Micro has a packaged solution catered for all these issues under one umbrella.

Moreover, he said that there is also a website from Trend Micro - https://global.sitesafety.trendmicro.com/ - that users can use to check the reputation of a website and if there is any malware.

“Having a good anti-virus software can detect and block a malicious site and we use a reputation engine for that. We put all the smart global protection networks we acquire from different websites into our reputation engine so that the anti-virus software can detect whether it is malicious or not before the user clicks,” he said.

Binali claims that it can block 100% but if a new website is created, it cannot detect and it will take time before it comes to our notice or before victims fall prey.

He said that Trend Micro does not rely on one method to block attacks as we have sandboxing, machine learning and signature-based analysis, and all of these are included in the XGen, the engine for blocking malware and protecting users.

“It has got a multi-layered approach to block and not to cause harm to the users. We are unique in that way as we have the multi-layered approach into a single-engine,” he said.

Even though VPNs is the most secured way to work remotely, he said that it is not a must to work remotely.

“In VPN, all the communication is encrypted. So, when working from outside the corporate network, it is a must to have a VPN and an additional layer of protection, the same way corporate firewalls do in the office. Always trust a VPN from a well-known vendor that provides these services,” he said.

Key malicious Covid-19 sites

  • acccorona[.]com
  • alphacoronavirusvaccine[.]com
  • anticoronaproducts[.]com
  • beatingcorona[.]com
  • beatingcoronavirus[.]com
  • bestcorona[.]com
  • betacoronavirusvaccine[.]com
  • buycoronavirusfacemasks[.]com
  • byebyecoronavirus[.]com
  • cdc-coronavirus[.]com
  • combatcorona[.]com
  • contra-coronavirus[.]com
  • corona-armored[.]com
  • corona-crisis[.]com
  • corona-emergency[.]com
  • corona-explained[.]com
  • corona-iran[.]com
  • corona-ratgeber[.]com
  • coronadatabase[.]com
  • coronadeathpool[.]com
  • coronadetect[.]com
  • coronadetection[.]com


from TechRadar - All the latest technology news https://ift.tt/2VVZBle

Comments

Popular posts from this blog

Mother's Day 2020 gift ideas: 18 gadgets and gizmos for tech-savvy Aussie mums

Raising a family is not an easy job, and the women who care for us each and every day deserve to be told how special they are each and every day. While we tend to forget to do that, Mother’s Day reminds us we need to celebrate the women in our lives, whether they’re our own mothers or our wives and partners helping us raise the young ones. Mother’s Day 2020 is fast approaching (with under two weeks to go), and there’s a pretty good chance you won’t be able to take her out to her favourite restaurant this year, or even get to a store to shop for something she might like. So we have to get creative, and TechRadar’s Australian team has put together this little list of great tech gift ideas that you can buy online and have delivered in time for May 10. But you will need to get a wriggle on as delivery supply chains are under strain with more people shopping online. Whether she’s a whiz in the kitchen, loves to cosy up with a book or entertain at home, we’ve got a gadget or gizmo that’s s...

Amazon Australia has specials on Bose products all this week

December may have just begun, but the world's largest online marketplace is already feeling the Christmas spirit.  To kick off the month’s festivities, Amazon Australia is celebrating  ‘7 Days of Deals’ with Bose's superb audio hardware discounted each day. To begin with, the very popular (and rightly so) Bose QuietComfort 35 II and the more expensive Bose Noise Cancelling Headphones 700 are available for less. To sweeten the deal, Amazon will throw in an Echo speaker as a bonus as well. When you purchase the superb Bose Headphones 700, you will receive a free Amazon Echo Show 5, or if you’d prefer the Bose QuietComfort 35 II, you’ll receive a complimentary Echo Dot. The offer is valid until December 8, or while stocks last. You can buy the same bundles, for the same price if you make the purchase via the Echo Dot or the Echo Show 5 product pages on Amazon. Just make sure you select the bundled headphone in the 'add other items' section on the right. Best noi...

Valentine's Day flowers: the best online flower delivery services

February 14 will be here before you know it, and if you, like many others, are searching for that perfect gift, then placing an online order for Valentine's Day flowers is always an easy and romantic option. You can order a beautiful floral arrangement in minutes from a variety of online retailers, including; 1-800-Flowers, Amazon, ProFlowers, Teleflora, and many more. To help you sort through all the Valentine's Day offers, we've rounded up the best online flower delivery services in both the USA and the UK and listed their current promotions. We've also included delivery charges and made sure to mention if you can allocate specific days for delivery. There's a fantastic range of bouquets and gifts available from our selection of florists below, and online delivery from a specialist means you don't have to worry about the usual hassle of buying from a store and getting them home safely. We'll be updating this page as we get closer to the big day so you...