Intelligent CIO APAC Issue 03 | Page 35

SERVERS FROM ENTERPRISES ARE MUCH WANTED RESOURCES FOR MALICIOUS ACTORS AS THEY CAN BE ABUSED.

YANIV HOFFMAN, VICE PRESIDENT TECHNOLOGIES, RADWARE

EDITOR’S QUESTION

The ongoing effects of the COVID-19 pandemic are significantly impacting the security of businesses and individuals worldwide. While some industries have been severely hit, others are experiencing sudden and exponential growth in demand for their services. Not surprisingly, this difficult time has become a great breeding ground for cybercriminals who are using the pandemic crisis and our dependence on online services for various gains.

What are the latest cyberthreats CIOs need to be aware of in the APAC region?
• Ransomware – The #1 risk to remote desktop services. Almost two-thirds of ransomware contains an infection vector based on RDP, which is one of the most persistent services when it comes to account takeover attacks. Servers from enterprises are much wanted resources for malicious actors, as they can be abused for spam distribution, lateral movement and exfiltration of sensitive information followed by ransom, command and control server for botnets, attack stations for attacking other organizations, cryptocurrency mining and finally deploying ransomware, sometimes after the previous scenarios have been tried and dried, as a last resort to monetize a successful breach.
• Encrypted attack protection – More than 90% of web traffic is now HTTPS encrypted. While HTTPS is crucial for data protection, it opens the door for new DDoS attacks. HTTPS requires many more resources from the target server than the client, meaning hackers can unleash devastating attacks with limited requests. Protection against encrypted DDoS floods is a critical requirement.
• Massive global capacity – Internet of Things (IoT) botnets are growing larger and more sophisticated and becoming more capable of launching larger attacks. They can be purchased on the dark net for relatively small sums, for example the cost of a cup of coffee. Botnets are a significant threat during the massive COVID-19 public health emergency.
• Application layer (L7) DDoS attacks – These pose a unique challenge for DDoS defenses, as they require insight into application behavior, and it is difficult to tell whether a request is legitimate or malicious simply by looking at the network-layer traffic. Moreover, as more and more web traffic is encrypted by SSL and HTTPS, DDoS defenses are frequently unable to look at the contents of the packet itself. As a result, many types of DDoS defenses are unable to tell the difference between a legitimate spike in customer traffic (for example, during a flash crowd or a holiday peak) and an actual attack. Examples of attacks are: HTTP/S floods, SSL negotiation attack, Low and Slow attacks, HTTP/S bomb attack and large file download.
• Account takeover / credential theft – Compromised accounts have been traded for financial gain for years. Email addresses, passwords and credentials are low-hanging fruit, as they are relatively cheap and go in masses. Payment details are another favorite, with prices dictated by different parameters such as country of issue, credit score and more at the highest end.

The decisions and tools that organizations choose now, and the training they provide to their employees, will have enduring effects on security for years to come. It’s crucial that companies get it right.