cyber trends
Abusing legitimate services Training takes centre stage
Threat actors will expand their abuse
of legitimate services for hosting and
distributing malicious email campaigns,
malware and phishing kits. Similarly,
the widespread abuse of other
legitimate cloud-based hosting services
for malware delivery will continue,
capitalising on our conditioning to click
through links for shared content and
the inability for most organisations to
blacklist services like Dropbox and Box. While automated systems
can prevent many threats
from reaching inboxes,
users remain the
final line of defence,
especially as threat actors
turn to voice and SMS
phishing and multi-channel
attacks. As a result, training is
a critical component of security
but scarce resources demand that
organisations be increasingly selective
about the training they provide for
their users. In order to effectively
train employees on cybersecurity and
ensure those trainings capture the
main key-learnings, organisations must
offer localised content into different
languages taking into consideration
the diverse cultural background of the
workforce especially in countries such
as the UAE. We expect that training
priorities will be driven by threat
intelligence and the types of threats
organisations are actually experiencing.
Additionally, there will be a wider
adoption of in-client email reporting
mechanisms including automation
to avoid overwhelming IT resources.
Finally, given the challenge in detecting
the attacks with automated systems, we
also expect that organisations will focus
training on internal phishing and email
account compromise. u
Finally, we predict malvertising activity
associated with the Keitaro traffic
distribution system (TDS) will expand and
continue this year based on its traffic
statistics and the difficulty in blacklisting
IPs associated with this type of service.
Brute force attacks get smarter
As organisations continue to adopt
cloud-based productivity and
collaboration software, these platforms
become increasingly attractive targets
for threat actors.
While traditional brute force attacks
on these and other cloud services will
continue this year, we expect these
attacks to become increasingly advanced.
Additionally, while adoption of
multifactor authentication is helping to
mitigate risks associated with cloud
attacks, vendors and organisations alike
are finding that robust implementation
carries its own challenges, driving
organisations to look at biometrics
and other potential solutions to secure
their infrastructure, whether owned or
purchased as a service.
www.intelligentciso.com
|
Issue 23
Emile Abou Saleh, Regional Director, Middle
East and Africa at Proofpoint
Supply chains expose vertical
and horizontal partners
Supply chain vulnerabilities took centre
stage with the breaches of major
retailers in 2013 and 2014. While threat
actors have continued to exploit the
supply chain for everything from credit
card theft to business email compromise
(BEC), we expect this tactic to become
even more sophisticated.
We also anticipate organisations will
begin looking more closely at the wide
range of suppliers with which they
engage. Knowing who these suppliers
are and requiring specific types of email
security in vendor contracts will be
critical to limiting threat actors’ ability to
hop from one supplier to another until
they compromise intended targets.
Furthermore, this will also drive
further adoption of DMARC as
information security teams come
together with procurement teams to
demand standards-based approaches
to vendor security.
As organisations
continue to adopt
cloud-based
productivity and
collaboration
software, these
platforms become
increasingly
attractive targets for
threat actors.
21