Gitex 2021: Cybersecurity tops agenda for smart cities

Cybersecurity will continue to remain a challenge for organisations unless they heavily invest in security protocols that take into account the needs of both businesses and customers in a smart city, experts at Gitex Technology Week 2021 said.

Mahmoud Samy, VP for EMEA Emerging Region at Forcepoint, explained that the physical disruptions to working patterns caused by the Covid-19 pandemic has meant that businesses had to move to remote working systems almost overnight. Since then, cybersecurity teams have had to scramble to secure the evolving hybrid workforces and ever-expanding SaaS applications in a manner that doesn’t hinder work processes – and the solution has been to move workloads to the cloud.

“Data is the building block of today’s digitized economy,” he said. “In today’s reality where people are working from everywhere, progressive organisations must address the protection of precious information assets in a perimeter-less networking environments. Data-first SASE ensures organisations can secure data access and usage, by closing down attacks and opening up data use.”

Ransomware, he added, continues to make headlines. “Sadly, there is a thriving industry in ‘ransomware as a service’. While this business exists, malware developers can continue to create new ransomware variants, while the delivery of malware is outsourced to different criminal entities who pay for access to the latest builds. In this way, a ‘standard’ cybercriminal can gain access to relatively sophisticated malware, even if the techniques for delivery stay the same.”

Gordon Love, VP of MEA Sales at Mandiant, also agreed that the biggest challenge for businesses today is the threat of ransomware, which has evolved over the past couple of years. Mandiant has adopted the term “multifaceted extortion” to characterize this evolved form of ransomware. The many facets of this attack include deployment of data encryptors, theft of proprietary and sensitive data, public shaming using the stolen data and other additional coercive tactics.

Attackers have become much more sophisticated in their attacks but, more importantly, so have the defenders, he said. According to Mandiant’s mTrends 2021 report, global median dwell time dropped below a month for the first time. Organisations are now detecting incidents in only 24 days – more than twice as fast as they did in 2019.

“Cyber actors have evolved their tactics, techniques and procedures,” he said. “We are now seeing adversaries leveraging exploits more often than other vectors. For example, in 29 per cent of cases, more than one distinct threat group was identified in the victim environment –nearly twice the percentage noted in 2019, proving that actors are sharing collaborating and sharing resources. In more than half of the intrusions investigated in 2020, we observed that adversaries used obfuscation, such as encryption or encoding, on files or information to make detection and subsequent analysis more difficult.”

Similarly, Gaurav Mohan, VP of Sales, SAARC & Middle East at NETSCOUT, said that enterprises have dealt with a constantly evolving cyberthreat landscape. As such, many organisations find themselves defending a more distributed and vulnerable environment, as the shift to hybrid work and online collaboration services create vulnerabilities that attackers are quick to exploit.

In addition to conventional attacks on Internet-facing services, he noted that cybercriminals are also focused on disrupting ongoing operations within a company, such as the inbound and outbound use of VPNs, firewalls, and cloud-based tools by employees working from home.

“In short, cybercriminals have become bold in their ability to hit users where it hurts,” he said. “Many attacks target customer-facing services and applications and enterprise digital infrastructure. In both cases, these attacks directly affect the organisation’s ability to service customers, thus impacting revenue and profitability. Enterprises have also seen a surge of cyberattacks ranging from phishing, data breaches, and ransomware in the past few months.”

The consequences of these attacks ranged from critical data loss to financial damage, he revealed. “Adversaries thrive on constant innovation. Armed with an ever-improving set of tools that have lowered the bar to entry for launching more complex and more disruptive attacks, cybercriminals have eagerly leveraged the weaknesses of organisations in the region.”

“We can logically expect to see threat actors target vulnerabilities exposed by the global crisis and discover and use new attack vectors that poke at the weak spots of our new normal,” he added. “After all, cybercrime is a multi-billion-dollar business. It is therefore imperative that defenders and security professionals remain vigilant to protect the critical infrastructure that connects and enables the modern world.”

rohma@khaleejtimes.com