Security MEA speaks to Florian Malecki, the International Product Marketing Director at SonicWall, about the cyber security threats prevalent in the region
How is the cyber security market scenario in the Middle East?
Security will continue to be strong, as it is in other developed countries because it is an area of concern for everyone – including consumers, businesses and government. Cyber attacks are going to increase as more organizations become digitally enabled, and the adoption of smart cities and the Internet of Things (IoT) becomes widely accepted in the region.
Understanding that today’s cyber criminals are highly motivated to launch low effort but quick pay out attacks and have been experimenting with IoT and other new methods of attack, we can predict some elements of the threat terrain ahead.
Where does ransomware stand in the entire cyber security spectrum?
According to the SonicWall GRID Threat Network, ransomware attacks grew 167 times since 2015, from 3.8 million in 2015 to 638 million in 2016. The reason for this increase was likely a perfect storm of factors, including the rise of ransomware-as-a-service (RaaS) and mainstream access to Bitcoin.
What are the other reasons for increased cyber security threats in the region?
Another reason might simply be that as cyber security teams made it difficult for cyber criminals to make money in other ways, they had to look for a new pay check. While the growth of SSL/TLS encryption is overall a positive trend, we can’t forget that it also offers criminals an original way to sneak malware through company firewalls, a vulnerability that was exploited 72% more often in 2016 than in 2015, according to NSS Labs.
The reason this security measure can become an attack vector is that most companies still do not have the right infrastructure in place to perform deep packet inspection (DPI) to detect malware hidden inside of SSL/TLS-encrypted web sessions. Companies must protect their networks against this hidden threat by upgrading to next-generation firewalls (NGFWs) that can inspect SSL/TLS traffic without creating performance issues.
Which sectors are targeted the most and how does SonicWall help its customers equip with solutions that can thwart such attacks?
The oil and gas industry, retail sector, education, government, banking and financial services will increasingly come under constant threat because of the investments that have been made in these verticals.
The tools and resources available to organizations have never been more capable of creating and supporting a supreme level of security. However, it falls to each security team to follow best practices for their infrastructure.
What do companies need to do in order to keep such cyber security threats at bay?
Build a “human firewall” by teaching your employees, especially those dealing with payments, how to address potential threats, such as malicious emails and suspicious pop ‐ ups. Tell your users never to accept a self ‐ signed, non‐valid certificate. Isolate the corporate network environment into LAN, WLAN and VLAN zones and implement multi-factor authentication for cross‐visiting.
Separate critical systems, Internet of Things (IoT) devices and POS systems as well. Deploy a next ‐ generation firewall that is capable of high ‐ performance Secure Sockets Layer/Transport Layer Security (SSL/TLS) inspection enabled to ensure you can inspect all traffic regardless of ports, protocols or file size, decompressing and decrypting every packet and examining every byte to identify threats quickly. The explosion of advanced threats is rendering legacy network security solutions obsolete.
What are the effects of such cyber security threats on companies?
Ransomware, zero-day threats, malvertising, encrypted malware, DDoS, phishing and other attacks expose organizations to breaches that threaten business viability. This creates the need for a new breed of network security solutions that deliver more than just breach detection.
Organizations require breach prevention capable of handling threats delivered by any vehicle including web and email, over encrypted or unencrypted traffic, across any network including wired and wireless, and for not only PCs but tablets, phones, and even IoT devices.
We believe there are three critical components necessary for this solution: high-speed inspection of SSL-encrypted traffic, multi-engine cloud sandboxing and the ability to block potential threats until a verdict is reached.
Only SonicWall delivers an automated real-time breach prevention platform through our portfolio of next-generation firewalls with high-performance SSL inspection, Capture triple-engine cloud sandboxing for both network and email traffic, as well as wireless, mobile access and email security solutions.