?
editor’s question
YANIV HOFFMAN,
VICE PRESIDENT
TECHNOLOGIES,
RADWARE
T
he pandemic
currently
threatening our
global economy
has significantly
impacted online
behaviour and the
security of businesses and individuals.
The massive increase in online activity,
plus increased dependency on online
services, means that attacks have a
greater impact since the attack surface
has expanded, along with the load on
the Internet and services.
A major Asia Pacific threat originates
from the Digital Transformation narrative
– the differences between those that
have evolved and those that have not.
Countries that are slow to digitally
transform and have a smaller threat
landscape have avoided major events,
although they now face a tough situation.
They are being forced to move quickly
to keep up with Digital Transformation of
the global workforce.
Those that have kept up with the Digital
Transformation are discovering new
threats that the modern technical powers
are facing with growing landscapes.
The major APAC attacks are:
• Attacks on remote work – Use
of SSL-VPN and RDP has risen by
30%–40% during the pandemic as
home work has become the new
normal. Remote access has become
the most significant IT resource
and organisations must ensure its
availability or risk their productivity.
Bad actors fully understand this
and use techniques such as
account takeover, exploits and
DDoS to attack.
• Phishing and ransomware –
Ransomware remains one of the
highest impact security threats
As well as being
prepared to face
new, more extreme
scenarios, it is
essential that the
basics are covered.
for enterprises. With increased
opportunity for phishing based
on fear and need for information,
ransomware is thriving as it leverages
financial gains. Most commonly, it
appears in point-and-click events
– documents and links that lure
users into clicking and downloading
malware into their system. This
triggers lockdown, steals credentials
and accesses tokens – all aimed at
retrieving data or creating a foothold
in the organisation.
• Politically motivated and state
actors – Global political tensions
are creating precarious scenarios
for state base actors. Recently, the
Australian Cybersecurity Center
(ACSC) issued an alert about
attack campaigns against its
government and companies by a
sophisticated threat actor whose
actions are assumed to be statesponsored.
Such threats will
continue to escalate.
Cyberthreats are not going to disappear
as there is no silver bullet. It will
take skill and knowledge, automation
and technology, as well as solid
partnerships, to make viable robust
plans. So, as well as being prepared to
face new, more extreme scenarios, it is
essential that the basics are covered.
Otherwise even the best of plans will be
unable to repel threats.
28 Issue 29 | www.intelligentciso.com