A proactive prevention strategy
Maya Horowitz, VP Research at Check Point Software, talks about key cybersecurity trends to watch out for this year.
What are you showcasing at GISEC?
At GISEC, we are showcasing all of our product lines. Today, you see fifth-generation attacks across networks, cloud, and endpoints. Our main focus is our Infinity architecture, which offers protection against these threat vectors and simplifies security management.
Infinity architecture is based on two primary principles. The first one is that we do prevention. The Infinity platform is powered by our cyber threat intelligence database, which correlates data from our customers. Our top priority is to ensure that we don’t block real traffic and create false positives. We want our customers to use this platform to stop the attacks, not just see that something has happened. The second one is to be a holistic solution. We don’t believe in point solutions but in an integrated threat prevention platform that can protect the entire IT infrastructure of our customers and help them stay ahead of threat actors.
What has been the impact of this pandemic on the threat landscape?
It has gotten worse. Our 2022 security report revealed that organisations experienced a 50 percent increase in weekly cyber-attacks last year. It is because these attacks are more successful and lucrative. We have also seen evolving attacks on mobile devices, major cloud services vulnerabilities, and supply chain attacks.
The move to remote and hybrid work has expanded the attack surface because employees now connect from everywhere. Because this transition was done so fast, no one had time to think about security. As a result, threat actors are growing in confidence and sophistication.
What kind of key attack vectors and techniques do you see now?
One of the most prevalent vulnerabilities is remote code execution. We also see many DDoS attacks. But the most interesting thing is the rise in the number of ransomware attacks, which cost their victims millions of dollars and stolen data. Especially in the past year, we have seen the emergence of a large number of ransomware and wipers, which are ransomware without a key, targeted at critical infrastructure, leading to massive disruption of day-to-day lives and posing grievous harm to physical security.
Have there been any nation-state attacks against critical infrastructure in the Middle East?
There have been some of them, but we don’t really know whether these are nation-states or cybercriminals. Some of these attacks were attributed to cybercriminal gangs, like in the case of the Colonial Pipeline attack in the US. But there are others, like the attacks on railways and gas stations in Iran, for which no one has claimed to be responsible. So it could be external or internal. We see more and more of these types of attacks, and they could come from anywhere. It is true that nation-states are using ransomware more than ever before, and sometimes they do it to extort money. However, the good news is that governments and law enforcement agencies worldwide are cracking down on these ransomware groups.