Q + A + Q + A + Q + A + Q + A + Q + A + Q + A + Q + A +
YANIV HOFFMAN,
VICE PRESIDENT
TECHNOLOGIES, RADWARE
EDITOR’S QUESTION
The pandemic threatening our global
economy, has impacted significantly
online behavior and the security of
businesses and individuals.
The massive increase in online activity, plus
increased dependency on online services,
means that attacks have a greater impact
since the attack surface has expanded, along
with the load on the Internet and services.
A major Asia Pacific threat originates from
the Digital Transformation narrative – the
differences between those that have evolved
and those that have not.
Countries that are slow to digitally transform
and have a smaller threat landscape have
avoided major events, although they now
face a tough situation. They are being forced
to move quickly to keep up with Digital
Transformation of the global workforce.
Those that have kept up with the Digital
Transformation are discovering new threats
that the modern technical powers are facing
with growing landscapes.
The major APAC attacks are:
• Attacks on remote work – Use of SSL-
VPN and RDP has risen by 30%–40%
during the pandemic as home work has
become the new normal. Remote access
has become the most significant IT
resource and organizations must ensure
its availability or risk their productivity.
Bad actors fully understand this and use
techniques such as account takeover,
exploits and DDoS to attack.
• Phishing and ransomware –
Ransomware remains one of the highest
impact security threats for enterprises.
With increased opportunity for phishing
based on fear and need for information,
ransomware is thriving as it leverages
financial gains. Most commonly it
appears in point-and-click events –
documents and links that lure users into
clicking and downloading malware into
their system. This triggers lockdown,
steals credentials and accesses tokens –
all aimed at retrieving data or creating a
foothold in the organization.
• Politically motivated and state
actors – Global political tensions are
creating precarious scenarios for state
base actors. Recently the Australian
Cybersecurity Center (ACSC) issued an
alert about attack campaigns against
their government and companies by a
sophisticated threat actor whose actions
are assumed to be state sponsored. Such
threats will continue to escalate.
Cyberthreats are not going to disappear as
there is no silver bullet. It will take skill and
knowledge, automation and technology,
as well as solid partnerships, to make viable
robust plans.
So as well as being prepared to face new,
more extreme, scenarios it is essential that
the basics are covered. Otherwise even the
best of plans will be unable to repel threats.
www.intelligentcio.com
INTELLIGENTCIO
33